View Single Post
  #1   (View Single Post)  
Old 15th December 2010
vermaden's Avatar
vermaden vermaden is offline
Administrator
 
Join Date: Apr 2008
Location: pl_PL.lodz
Posts: 1,056
Default BACKDOR in storage array by HP, in P2000/MSA2000 G3 model

http://www.geek.com/articles/chips/s...rays-20101214/

Quote:
If you do happen to use on at your place of work, you should be aware of a recent discovery that there is a hidden user on each of these boxes that does not show up in the user manager.

This admin user, with a password of !admin, can’t be changed in any way, including the password, since they do not show up in user manager. This is the kind of backdoor that would cripple any business that relied on secure networked storage, should your network be discovered by someone malicious.

Hopefully there is an update HP can deploy en masse that could resolve such a backdoor, but for now it is a problem that all HP MSA2000 G3 owners should be aware of.
__________________
religions, worst damnation of mankind
"If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds

Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”.
vermaden's: links resources deviantart spreadbsd
Reply With Quote