| VID | 16064 |
| Severity | 40 |
| Port | 21 |
| Protocol | TCP |
| Class | FTP |
| Detailed Description |
The FTP service allows a login using a guessable username and password combination. An FTP service with accounts whose passwords are easy to guess may allow attackers access to unauthorized areas of the computer.
* Platforms Affected: FTP Any version |
| Recommendation |
Disable the open account or change the password to something difficult to guess.
Unix: Disable login access to this Unix account if it is not needed:
1. Edit the /etc/passwd file, and locate the account.
2. Place an * (asterisk) in the password field.
3. Place the string /bin/false in the shell field. An example of the /etc/passwd entry for a disabled guest account should resemble the following:
   guest:*:2311:50:Guest User:/home/guest:/bin/false
4. Save and exit the file.
Windows: Change the password on this account to something difficult to guess, or disable login access to this Windows account.
To change a password on a Windows account:
1. Open 'Control Panel/System and Security/Administrative Tools/Computer Management/Local User and Groups/Users'
2. Right-click the account and select 'Set Password'.
3. To change the password to something difficult to guess, type and confirm the new password.
4. Click OK.
-- OR --
To disable login access to a Windows account:
1. Open 'Control Panel/System and Security/Administrative Tools/Computer Management/Local User and Groups/Users'
2. Double-click the account to display the User Properties dialog box.
3. To disable the account, select the 'Account is Disabled' check box.
4. Click OK. |
| Related URL | (CVE) |
| Related URL | (SecurityFocus) |
| Related URL | 204 (ISS) |
|
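To verify the Unix steps in the recommendation after editing, the following added example (not part of the original entry) checks a passwd-format file for the two conditions given there: an asterisk in the password field and /bin/false in the shell field. The function names and every sample line except the guest entry are constructed for illustration. On systems that use shadow passwords the field holds `x`, which the check reports separately.

```shell
#!/bin/sh
# Added example (not from the original page). Reports whether an account in a
# passwd-format file is disabled as the Unix steps describe: "*" in the
# password field (field 2) and /bin/false in the shell field (field 7).

# account_status FILE USER  ->  disabled | missing | review:<reasons>
account_status() {
    awk -F: -v user="$2" '
        $1 == user {
            found = 1
            why = ""
            if ($2 == "")       why = "empty-password"
            else if ($2 == "x") why = "password-in-shadow"   # hash kept in /etc/shadow
            else if ($2 != "*") why = "password-set"
            if ($7 != "/bin/false")
                why = why (why == "" ? "" : ",") "shell=" $7
            result = (why == "") ? "disabled" : "review:" why
            print result
            exit
        }
        END { if (!found) print "missing" }
    ' "$1"
}

# Constructed sample data; the guest line is the page's own example entry.
sample_passwd() {
    cat <<'EOF'
guest:*:2311:50:Guest User:/home/guest:/bin/false
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
anonymous:*:2312:50:Anon:/home/anon:/bin/sh
test::2313:50:Test:/home/test:/bin/false
EOF
}

# Demo: audit each sample account and print "user: status".
audit_sample() {
    tmp=$(mktemp) || return 1
    sample_passwd > "$tmp"
    for u in guest ftp anonymous test nobody; do
        printf '%s: %s\n' "$u" "$(account_status "$tmp" "$u")"
    done
    rm -f "$tmp"
}

audit_sample
```

Against a live system, call `account_status /etc/passwd <account>`; a `password-in-shadow` result means the password field of /etc/passwd does not show whether the account is locked.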