Et tu, Fortinet? Hard-coded password raises new backdoor eavesdropping fears

		DaemonForums > DaemonForums.org > News
Et tu, Fortinet? Hard-coded password raises new backdoor eavesdropping fears

FAQ

Today's Posts

News News regarding BSD and related.

Thread Tools

Display Modes

#1 (View Single Post)

12th January 2016

J65nko

Administrator

Join Date: May 2008

Location: Budel - the Netherlands

Posts: 4,132

Et tu, Fortinet? Hard-coded password raises new backdoor eavesdropping fears

From http://arstechnica.com/security/2016...ropping-fears/

Quote:

Less than a month after Juniper Network officials disclosed an unauthorized backdoor in the company's NetScreen line of firewalls, researchers have uncovered highly suspicious code in older software from Juniper competitor Fortinet.

The suspicious code contains a challenge-and-response authentication routine for logging into servers with the secure shell (SSH) protocol. Researchers were able to unearth a hard-coded password of "FGTAbc11*xy+Qqz27" (not including the quotation marks) .....

__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are On [IMG] code is On HTML code is Off Forum Rules

Forum Jump

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Another backdoor or Vector ?	frcc	News	0	17th February 2015 12:48 PM
Security Critical crypto bug in OpenSSL opens two-thirds of the Web to eavesdropping	comet--berkeley	News	6	13th April 2014 03:54 AM
Security Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping	J65nko	News	0	4th March 2014 10:59 PM
Security phpMyAdmin distributed with backdoor	J65nko	News	0	26th September 2012 02:44 PM
Oracle raises prices for MySQL	J65nko	News	4	7th November 2010 07:53 PM

All times are GMT. The time now is 08:17 AM.