GEN:SID 1:2146
Message WEB-PHP TextPortal admin.php default password 12345 attempt
Summary This event is generated when an attempt is made to exploit a weakness in the php application TextPortal.
Impact Potential administrator access.
Detailed Information This event indicates that an attempt has been made to supply a known default administrator password for the php application TextPortal.

The default administrator account 'god2' has known, weak passwords that could be used by an attacker to gain unauthorized access to the application.

Affected Systems Any host using TextPortal.
Attack Scenarios An attacker can log in to the application using the account god2 and gain administrator access to the site.
Ease of Attack Simple.
Corrective Action Check the php implementation on the host. Ensure all measures have been taken to deny access to sensitive files.

Disable the god2 account.

Check the host for signs of compromise.
Additional References Bugtraq:
http://www.securityfocus.com/bid/7673
Rule References bugtraq: 7673
nessus: 11660