<plugin_id>272</plugin_id>
<plugin_name>Netgear RP114 telnet administration detection</plugin_name>
<plugin_family>Firewalls</plugin_family>
<plugin_created_date>2004/11/12</plugin_created_date>
<plugin_created_name>Marc Ruef</plugin_created_name>
<plugin_created_email>marc dot ruef at computec dot ch</plugin_created_email>
<plugin_created_web>http://www.computec.ch</plugin_created_web>
<plugin_created_company>computec.ch</plugin_created_company>
<plugin_version>1.0</plugin_version>
<plugin_protocol>tcp</plugin_protocol>
<plugin_port>23</plugin_port>
<plugin_procedure_detection>open|sleep|clsose|pattern_exists *ÿûÿû*Password: *</plugin_procedure_detection>
<plugin_detection_accuracy>97</plugin_detection_accuracy>
<plugin_comment>There are several other possibilities to detect a Netgear RP114 - These will be implemented as independend ATK plugin in the future.</plugin_comment>
<bug_affected>Netgear RP114</bug_affected>
<bug_not_affected>Other solutions</bug_not_affected>
<bug_vulnerability_class>Configuration</bug_vulnerability_class>
<bug_description>The remote host seems to be a Netgear RP114. This is a small SOHO appliance firewall. It is possible to define the settings over the telnet interface. This does just rely on a simple password authentication (no user name) in clear text.</bug_description>
<bug_solution>The server should be deactivated or de-installed if not necessary. To make it harder to find the server the daemon could be configured to listen at another port (e.g. 8023). Try to prevent unwanted connection attempts by filtering traffic with firewalling.</bug_solution>
<bug_fixing_time>Approx. 1 hour</bug_fixing_time>
<bug_exploit_availability>Yes</bug_exploit_availability>
<bug_remote>Yes</bug_remote>
<bug_local>No</bug_local>
<bug_severity>Medium</bug_severity>
<bug_popularity>6</bug_popularity>
<bug_simplicity>8</bug_simplicity>
<bug_impact>7</bug_impact>
<bug_risk>7</bug_risk>
<source_literature>Hacking Intern - Angriffe, Strategien, Abwehr, Marc Ruef, Marko Rogge, Uwe Velten and Wolfram Gieseke, November 1, 2002, Data Becker, Düsseldorf, ISBN 381582284X</source_literature>
<source_misc>http://www.computec.ch</source_misc>