Detections
Analytics

Default Password (zebra) for Zebra

critical Nessus Plugin ID 16205

Language:

Synopsis

The remote router is protected with a default password.

Description

The remote host is running Zebra, a routing daemon.

The remote Zebra installation uses as its password the default, 'zebra'. An attacker may log in using this password and control the routing tables of the remote host.

Solution

Edit 'zebra.conf' and set a strong password.

See Also

https://seclists.org/bugtraq/2004/Aug/184

https://seclists.org/bugtraq/2004/Aug/205

Plugin Details

Severity: Critical

ID: 16205

File Name: zebra_default_password.nasl

Version: 1.17

Type: remote

Family: Firewalls

Published: 1/19/2005

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 8/12/2004

Reference Information

BID: 10935