Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.104102
Category:Nmap NSE net
Title:Nmap NSE net: ftp-brute
Summary:Tries to get FTP login credentials by guessing usernames and passwords.;;This uses the standard unpwdb username/password list. However, in tests FTP servers are;significantly slower than other servers when responding, so the number of usernames/passwords can be;artificially limited using script arguments.;;SYNTAX:;;userdb: The filename of an alternate username database.;;unpwdb.timelimit: The maximum amount of time that any iterator will run;before stopping. The value is in seconds by default and you can follow it;with 'ms', 's', 'm', or 'h' for;milliseconds, seconds, minutes, or hours. For example,;'unpwdb.timelimit=30m' or 'unpwdb.timelimit=.5h' for;30 minutes. The default depends on the timing template level (see the module;description). Use the value '0' to disable the time limit.;;unpwdb.userlimit: The maximum number of usernames;'usernames' will return (default unlimited).;;passdb: The filename of an alternate password database.;;passlimit: The number of passwords to try (default: unlimited).;;userlimit: The number of user accounts to try (default: unlimited).;;limit: Set 'userlimlt' and 'passlimit' at the same time.;;unpwdb.passlimit: The maximum number of passwords;'passwords' will return (default unlimited).
Description:Summary:
Tries to get FTP login credentials by guessing usernames and passwords.

This uses the standard unpwdb username/password list. However, in tests FTP servers are
significantly slower than other servers when responding, so the number of usernames/passwords can be
artificially limited using script arguments.

SYNTAX:

userdb: The filename of an alternate username database.

unpwdb.timelimit: The maximum amount of time that any iterator will run
before stopping. The value is in seconds by default and you can follow it
with 'ms', 's', 'm', or 'h' for
milliseconds, seconds, minutes, or hours. For example,
'unpwdb.timelimit=30m' or 'unpwdb.timelimit=.5h' for
30 minutes. The default depends on the timing template level (see the module
description). Use the value '0' to disable the time limit.

unpwdb.userlimit: The maximum number of usernames
'usernames' will return (default unlimited).

passdb: The filename of an alternate password database.

passlimit: The number of passwords to try (default: unlimited).

userlimit: The number of user accounts to try (default: unlimited).

limit: Set 'userlimlt' and 'passlimit' at the same time.

unpwdb.passlimit: The maximum number of passwords
'passwords' will return (default unlimited).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

CopyrightCopyright (C) 2011 NSE-Script: The Nmap Security Scanner; NASL-Wrapper: Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.