OSVDB ID: 289

Title: Red Hat Piranha Default Password

Info

Disclosure

Apr 18, 2000

Discovery

Unknown

Dates

Exploit

Apr 18, 2000

Solution

Unknown

Description

By default, Piranha installs with a default password. The piranha account has a password of either piranha or q which is publicly known and documented. This allows attackers to trivially access the program or system.

Classification

Location: Remote / Network Access
Attack Type: Authentication Management
Impact: Loss of Confidentiality, Loss of Integrity
Solution: Change Default Setting
Exploit: Exploit Public
Disclosure: Third-party Verified

Solution

Immediately after installation, change all default install passwords to a unique and secure password. When possible, change default accounts to custom names as well.

Products

Red Hat, Inc.

Linux

6.2

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/289