PT-2000-1327 · Nortel · Netstructure

Publicado

2000-05-08

Atualizado

2008-09-05

CVE-2000-0384

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions NetStructure versions 7110 and 7180

Description The issue concerns easily guessable passwords for undocumented accounts, including servnow, root, and wizard, which can be derived from the NetStructure's MAC address. This could allow remote attackers to gain root access.

Recommendations For NetStructure versions 7110 and 7180, consider changing the default passwords of the undocumented accounts servnow, root, and wizard to strong, unique passwords to prevent easy guessing. As a temporary workaround, restrict remote access to the NetStructure devices until a more secure configuration can be implemented.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2000-0384

Produtos afetados

Netstructure

PT-2000-1327 · Nortel · Netstructure

CVE-2000-0384

Identificadores relacionados

Produtos afetados

Referências · 7