Test Kennung:	1.3.6.1.4.1.25623.1.0.12258
Kategorie:	CGI abuses
Titel:	NetGear Hidden Password Check
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: NetGear ships at least one device with a builtin administrator account. This account cannot be changed via the configuration interface and enables a remote attacker to control the NetGear device. To duplicate this error, simply point your browser to a vulnerable machine, and log in (when prompted) with userid = super password = 5777364 or userid = superman password = 21241036 Solution: Contact vendor for a fix. As a temporary workaround, disable the webserver or filter the traffic to the NetGear webserver via an upstream firewall. Risk factor : High
Querverweis:	BugTraq ID: 10459 Common Vulnerability Exposure (CVE) ID: CVE-2004-2557 http://www.securityfocus.com/bid/10459 Bugtraq: 20040603 Netgear WG602 Accesspoint vulnerability (Google Search) http://archives.neohapsis.com/archives/bugtraq/2004-06/0036.html Bugtraq: 20040605 Re: Netgear WG602 Accesspoint vulnerability (Google Search) http://www.securityfocus.com/archive/1/365230 Computer Incident Advisory Center Bulletin: O-159 http://www.ciac.org/ciac/bulletins/o-159.shtml http://slashdot.org/articles/04/06/08/1319206.shtml?tid=126&tid=172 http://www.osvdb.org/6743 http://secunia.com/advisories/11773 XForce ISS Database: netgearwg602-default-account(16312) https://exchange.xforce.ibmcloud.com/vulnerabilities/16312 Common Vulnerability Exposure (CVE) ID: CVE-2004-2556
Copyright	This script is Copyright (C) 2004 Tenable Network Security

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.