GEN:SID 1:2406
Message TELNET APC SmartSlot default admin account attempt
Summary This event is generated when an attempt is made to access an APC device
using a known default administrative account and password via Telnet.
Impact Serious. Unauthorized administrative access to the device.
Detailed Information The APC Management card uses a known default administrative name and
password. This rule generates an event when these credentials are used
in a Telnet session. If this account and password have not been changed
this can lead to unauthorized administrative access to the device.
Affected Systems APC WEB/SNMP Management Card (9606) Firmware 3.0 and 3.0.1
Attack Scenarios An attacker may try to use this password and username combination to
gain access to an affected device.
Ease of Attack Simple.
Corrective Action Ensure the system is using an up to date version of the software and has
had all vendor supplied patches applied.

Change the administrative account username and password.
Additional References  
Rule References bugtraq: 9681
cve: 2004-0311
nessus: 12066