Network Security

AERAsec
Network Security
Current Security Messages


Most of the links lead to the corresponding files at CERT or other organisations. So changes take place immediately, especially which patches should be installed or which changes in the configuration should be made to avoid this vulnerability. Some of the files are transferred by FTP.

By the way: If we're not publishing well-known risks inheritant in any widely used platform or program that doesn't mean this particular platform or program is safe to use!

Here you find our network security search engine!


This is some information you send:

Your Browser

CCBot/2.0 (http://commoncrawl.org/faq/)

Your IP address

ec2-54-163-168-15.compute-1.amazonaws.com [54.163.168.15]

Your referer

(filtered or not existing)

Current month, Last month, Last 10 messages, Last 20 messages (index only)

Chosen message with ID ae-201203-045

System: Appliance
Topic: Vulnerability in several tape libraries
Links: VU #913483, Quantum, Dell, IBM, X-Force #74159, X-Force #74160, X-Force #74161
ID: ae-201203-045

Cross scripting and preconfigured password vulnerabilities have been reported to exist in the Quantum Scalar i500, Dell ML6000 and IBM TS3310 tape libraries. The preconfigured passwords for certain accounts are considered to be weak and could be exploited allowing an attacker user access. An attacker with access to a local user account or via malicious URL can execute arbitrary code or commands on the vulnerable system.
Upgrades for affected firmware are available now.



(c) 2000-2014 AERAsec Network Services and Security GmbH