Nortel Networks router telnet manager level without password 1.0
 
Plugin ID284
Plugin nameNortel Networks router telnet manager level without password
Plugin filenameNortel Networks router telnet manager level without password.plugin
Plugin filesize2252 bytes
Plugin familyNetwork Devices
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/02
Plugin version1.0
Plugin protocoltcp
Plugin port23
Plugin procedure exploitopen|sleep|send Manager\n|sleep|close|pattern_exists $
Plugin exploit accuracy98
Plugin commentThe NASL script is Copyright (C) 2000 Victor Kirhenshtein
Bug produced nameNortel Networks
Bug affectedNortel Networks
Bug not affectedOther solutions
Bug vulnerability classWeak Authentication
Bug descriptionThe remote Nortel Networks (former Bay Networks) router has no password for the manager account. An attacker could telnet to the router and reconfigure it to lock you out of it. This could prevent you from using your Internet connection.
Bug solutiontelnet to this router and set a password immediately.
Bug fixing timeApprox. 10 minutes
Bug exploit availabilityYes
Bug remoteYes
Bug localMaybe
Bug severityHigh
Bug popularity8
Bug simplicity8
Bug impact9
Bug risk8
Bug Nessus riskHigh
Bug check toolsNessus can check this flaw with the plugin 10528 (Nortel Networks passwordless router (manager level)).
Source Nessus ID10528
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.