Provided by Aanval (Snort & Syslog Intrusion Detection and Correlation Engine) www.aanval.com
--
| GEN:SID | 1:2334 |
| Message | FTP Yak! FTP server default account login attempt |
| Summary | This event is generated when an attempt is made to access a Yak! FTP server using the default username and password. |
| Impact | Administrative access to the server. |
| Detailed Information | Yak FTP servers have a default username and password of "user" and "y049575046", if this is not changed by the administrator it is possible for an attacker to gain unauthorised access to the server. |
| Affected Systems | Yak FTP servers |
| Attack Scenarios | An attacker merely needs to login to the server using the default username and password. |
| Ease of Attack | Simple. No exploit software required. |
| Corrective Action | Change the username and password. |
| Additional References | |
| Rule References | bugtraq: 9072 |
--
DID:150703
--
http://www.aanval.com/