Passwordless Zaurus FTP server
|
|
Article ID: 11045
Last updated: 27 Jan, 2009
|
|
|
|
Views: 375
|
|
Posted: 22 Jan, 2009
by: Tech Pubs S.
Updated: 27 Jan, 2009
by: Tech Pubs S.
|
|
Passwordless Zaurus FTP server |
|
| This script is Copyright (C) 2002 Renaud Deraison |
|
|
| Family | FTP |
| Plugin ID | 11045 |
| Bugtraq ID | 5200
|
| CVE ID | CVE-2002-1974
|
|
| Description: |
The remote Zaurus FTP server can be accessed as the user root with no
password.
An attacker may use this flaw to steal the content of your PDA,
including (but not limited to) your address book, personal files
and list of appointements. In addition to this, an attacker may
modify these files.
Solution: None at this time. Unplug your Zaurus from the network.
Risk factor : High |
|
