CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
85.7%
The remote Zaurus FTP server can be accessed as the user ‘root’ with no password. An attacker may use this flaw to steal or modify the content of your PDA, including (but not limited to) your address book, personal files, and list of appointments.
#
# (C) Tenable Network Security, Inc.
#
# Script audit and contributions from Carmichael Security
# Erik Anderson <[email protected]>
# Added BugtraqID
#
include("compat.inc");
if(description)
{
script_id(11045);
script_cve_id("CVE-2002-1974");
script_bugtraq_id(5200);
script_version ("1.19");
script_name(english:"Zaurus PDA FTP Server Unpassworded root Account");
script_summary(english:"Logs into the remote Zaurus FTP server");
script_set_attribute(attribute:"synopsis", value:
"The remote FTP server has an account with a blank password." );
script_set_attribute(attribute:"description", value:
"The remote Zaurus FTP server can be accessed as the user 'root' with
no password. An attacker may use this flaw to steal or modify the
content of your PDA, including (but not limited to) your address book,
personal files, and list of appointments." );
script_set_attribute(attribute:"see_also", value:"https://seclists.org/bugtraq/2002/Jul/93" );
script_set_attribute(attribute:"solution", value:
"There is no known solution at this time." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2002-1974");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_publication_date", value: "2002/07/11");
script_set_attribute(attribute:"vuln_publication_date", value: "2002/07/10");
script_cvs_date("Date: 2018/11/15 20:50:22");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"FTP");
script_copyright(english:"This script is Copyright (C) 2002-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_require_ports(4242);
exit(0);
}
#
# The script code starts here :
#
include('ftp_func.inc');
port = get_ftp_port( default:4242 );
banner = get_ftp_banner(port:port);
if (!banner || "Qtopia" >!< banner ) exit(0, 'The FTP port on port ' + port + ' is not Qtopia.' );
soc = ftp_open_and_authenticate( user:"root", pass:"", port:port );
if(soc)
{
security_hole(port);
close(soc);
}