Cheops NG Without Password Network Vulnerability

Summary

The remote service does not require a password for access. Description : The Cheops NG agent on the remote host is running without authentication. Anyone can connect to this service and use it to map your network, port scan machines and identify running services.

Solution

Restrict access to this port or enable authentication by starting the agent using the '-p' option.

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apple Safari Multiple Memory Corruption Vulnerabilities-02 Apr14 (Mac OS X)
Apple Safari Secure Cookie Security Bypass Vulnerability (Windows)
Apache Error Log Escape Sequence Injection
Adobe Flex SDK 'SWF' Files Cross-Site Scripting Vulnerability (Windows)
Apple Safari Multiple Memory Corruption Vulnerabilities-01 Aug14 (Mac OS X)

Cheops NG without password

Take action and discover your vulnerabilities