CERT mailing list archives
Current Activity - RuggedCom Rugged Operating System Vulnerability
From: Current Activity <us-cert () us-cert gov>
Date: Tue, 24 Apr 2012 16:33:44 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 US-CERT Current Activity RuggedCom Rugged Operating System Vulnerability Original release date: Tuesday, April 24, 2012 at 4:14 pm Last revised: Tuesday, April 24, 2012 at 4:14 pm RuggedCom Rugged Operating System (ROS), used in RuggedCom network infrastructure devices, contains a hard-coded user account with a predictable password. This user account cannot be manually disabled. An attacker who successfully guesses the password may be able to gain complete administrative control of the ROS device. As a workaround, RuggedCom has recommended disabling the rsh service and setting the number of telnet connections allowed to 0. For more information, please see US-CERT Vulnerability Note VU#889195. Relevant Url(s): <http://www.kb.cert.org/vuls/id/889195> <http://www.ruggedcom.com/products/index.php> ____________________________________________________________________ Produced by US-CERT, a government organization. ____________________________________________________________________ This product is provided subject to the Notification as indicated here: http://www.us-cert.gov/legal.html#notify This document can also be found at http://www.us-cert.gov/current/#ruggedcom_rugged_operating_system_vulnerability For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iQEVAwUBT5cOHz/GkGVXE7GMAQKvfQf/QodmxFcIG1QJhD954f9p58zha+3i62Ki O2DPfDjO5uMGi0RL5LrOM9FjFj0nSoJMN7fFPcR9ChYtRtJ7uJ0aLzswjXWZUoht MPH57GwIkX1pyCCw3/w6cZgkZftGuro5uCSIRqNBU3YOwxvpFNXQ3xUbOhJCERrR +c3P3z5fgdj7BU8B5Aq5jyhXz4ugRO159qIYpqHQBzHu6UMkV+6a4+BVh8xEwMxV vJvSe4mCOYyofQlPLyQuaXO7ICJtTSHIzteMHWhBXbPOKD0bVG660Eq1fDLHdTMn 4ZhnEcxFR+B5k53EUTzpAHYGhl1es1j59rT7Zwqx8a5I4UB0gBDANA== =+wFb -----END PGP SIGNATURE-----
Current thread:
- Current Activity - RuggedCom Rugged Operating System Vulnerability Current Activity (Apr 24)