Unpassworded Bash Account Network Vulnerability

Summary

The account 'account' has no password set. An attacker may use it to gain further privileges on this system This account was probably created by a backdoor installed by a fake Linux Redhat patch. See http://www.k-otik.com/news/FakeRedhatPatchAnalysis.txt

Solution

disable this account and check your system

Severity

Classification

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

WinSATAN
HACKER defender finder
Default web account on Zyxel
64-bit Debian Linux Rootkit with nginx Doing iFrame Injection
Unpassworded bash account

Take action and discover your vulnerabilities