Cisco device without password 1.0
 
Plugin ID293
Plugin nameCisco device without password
Plugin filenameCisco device without password.plugin
Plugin filesize2246 bytes
Plugin familyNetwork Devices
Plugin created nameMarc Ruef
Plugin created emailmarc.ruef at computec.ch
Plugin created webhttp://www.computec.ch
Plugin created companycomputec.ch
Plugin created date2005/01/04
Plugin version1.0
Plugin protocoltcp
Plugin port23
Plugin procedure exploitopen|sleep|send password\n|sleep|send show ver\n|sleep|close|pattern_exists Cisco Internetwork Operating System Software
Plugin exploit accuracy98
Plugin commentThe NASL script is Copyright (C) 2001 Renaud Deraison
Bug produced nameCisco Systems
Bug produced emailinfo at cisco dot com
Bug produced webhttp://www.cisco.com
Bug vulnerability classConfiguration
Bug descriptionThe remote CISCO router has no password set. This allows an attacker to get a lot information about your network, and possibly to shut it down if the 'enable' password is not set either.
Bug solutiontelnet to this device and set a password.
Bug fixing timeApprox. 20 minutes
Bug exploit availabilityYes
Bug remoteYes
Bug localMaybe
Bug severityHigh
Bug popularity9
Bug simplicity7
Bug impact9
Bug risk8
Bug Nessus riskHigh
Bug check toolsNessus can check this flaw with the plugin 10754 (Cisco password not set).
Source CVECAN-1999-0508
Source Nessus ID10754
Source LiteratureHacking Exposed: Network Security Secrets & Solutions, Stuart McClure, Joel Scambray and George Kurtz, February 25, 2003, 4th Edition, McGraw-Hill Osborne Media, ISBN 0072227427
Source Misc.http://www.computec.ch

This file was generated by the Attack Tool Kit (ATK), the open-sourced security scanner and exploiting framework.