Seagate GoFlex Satellite Remote Telnet Default Password

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password Title: Seagate GoFlex Satellite Remote Telnet Default Password Advisory ID: KL-001-2015-007 Publication Date: 2015.12.18 Publication URL:...

CVE-2015-6389

Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707...

Hardcoded credentials

Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707...

CVE-2015-6389

Cisco Prime Collaboration Assurance before 11.0 is affected by CVE-2015-6389 due to a hardcoded cmuser account. An undocumented default account with a known password enables remote SSH login, granting access with limited permissions. Root cause: installation creates a persistent, unchangeable cmu...

CVE-2015-6389

Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this account's password, aka Bug ID CSCus62707...

KLA10704 Multiple vulnerabilities in ARRIS cable modems.

Multiple serious vulnerabilities have been found in ARRIS cable modems. Malicious users can exploit these vulnerabilities to gain privileges or inject arbitrary code. Below is a complete list of vulnerabilities: 1. Predictable technician password can be exploited remotely to gain technician...

CVE-2015-7286

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic...

Hardcoded credentials

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic...

CVE-2015-7286

CSL DualCom GPRS CS2300-R devices with firmware 1.25 through 3.53 rely on a polyalphabetic substitution cipher with hardcoded keys, which makes it easier for remote attackers to defeat a cryptographic protection mechanism by capturing IP or V.22bis PSTN protocol traffic...

CVE-2015-7289

Arris DG860A, TG862A, and TG862G devices with firmware TS0703128100611 through TS0705125D031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote attackers to obtain access via the web management interface, SSH, TELNET, or SNMP...

Hardcoded credentials

Arris DG860A, TG862A, and TG862G devices with firmware TS0703128100611 through TS0705125D031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote attackers to obtain access via the web management interface, SSH, TELNET, or SNMP...

CVE-2015-7289

Arris DG860A, TG862A, and TG862G devices with firmware TS0703128100611 through TS0705125D031115 have a hardcoded administrator password derived from a serial number, which makes it easier for remote attackers to obtain access via the web management interface, SSH, TELNET, or SNMP...

CVE-2015-7289

The CVE-2015-7289 entry applies to ARRIS DG860A, TG862A, and TG862G cable modems with firmware TS0703128_100611 through TS0705125D_031115. The root cause is a hardcoded administrator password derived from the device serial number, enabling remote attackers to gain administrative access via the we...

CVE-2015-6476

Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session...

CVE-2015-6476

Advantech EKI-122x-BE devices with firmware before 1.65, EKI-132x devices with firmware before 1.98, and EKI-136x devices with firmware before 1.27 have hardcoded SSH keys, which makes it easier for remote attackers to obtain access via an SSH session...

Hardcoded credentials

The default configuration of sshdconfig in Cisco Mobility Services Engine MSE through 8.0.120.7 allows logins by the oracle account, which makes it easier for remote attackers to obtain access by entering this account's hardcoded password in an SSH session, aka Bug ID CSCuv40501...

Ubuntu 15.04 : linux vulnerabilities (USN-2799-1)

It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...

Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2798-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2798-1 advisory. It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind...

Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2795-1)

It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...

USN-2792-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash. CVE-2015-7613 It was discovered that the Lin...