PT-2000-1327 · Nortel · Netstructure

Published

2000-05-08

Updated

2008-09-05

CVE-2000-0384

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions NetStructure versions 7110 and 7180

Description The issue concerns easily guessable passwords for undocumented accounts, including servnow, root, and wizard, which can be derived from the NetStructure's MAC address. This could allow remote attackers to gain root access.

Recommendations For NetStructure versions 7110 and 7180, consider changing the default passwords of the undocumented accounts servnow, root, and wizard to strong, unique passwords to prevent easy guessing. As a temporary workaround, restrict remote access to the NetStructure devices until a more secure configuration can be implemented.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0384

Affected Products

Netstructure

PT-2000-1327 · Nortel · Netstructure

CVE-2000-0384

Related Identifiers

Affected Products

References · 7