Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4361

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-4361
Last Modified 05 Sep 2008 05:28:02
Published 15 Aug 2007 03:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4361

Summary

NETGEAR (formerly Infrant) ReadyNAS RAIDiator before 4.00b2-p2-T1 beta creates a default SSH root password derived from the hardware serial number, which makes it easier for remote attackers to guess the password and obtain login access.

Vulnerable Systems


References

BID - 25290

SECUNIA - 26442

BUGTRAQ - 20070813 Default Root Password in Infrant (now Netgear) ReadyNAS "RAIDiator"

CONFIRM - http://www.infrant.com/forum/viewtopic.php?t=3366&start=30

CONFIRM - http://www.infrant.com/forum/viewtopic.php?t=12313

CONFIRM - http://www.infrant.com/forum/viewtopic.php?t=12249

XF - readynas-ssh-security-bypass(36011)

OSVDB - 36357

SREASON - 3017


Last Updated: 27 May 2016 10:45:50