Shiva Integrator Default Password

high Nessus Plugin ID 10500

Synopsis

The remote router can be accessed with default credentials.

Description

The remote Shiva router uses the default password. This means that anyone who has (downloaded) a user manual can telnet to it and reconfigure it to lock you out of it, and to prevent you to use your internet connection.

Solution

telnet to this router and set a different password immediately.

Plugin Details

Severity: High

ID: 10500

File Name: shiva_default_pass.nasl

Version: 1.15

Type: remote

Family: Misc.

Published: 8/31/2000

Updated: 8/13/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 9/12/2002

Exploitable With

Metasploit (SNMP Community Scanner)

Reference Information

CVE: CVE-1999-0508