Threat Level: Infocon green

Diaries by Keyword: HP StorageWorks MSA G3 P2000 default password

DateAuthorTitle

HP STORAGEWORKS MSA G3 P2000 DEFAULT PASSWORD

2010-12-15Manuel Humberto Santander PelaezHP StorageWorks P2000 G3 MSA hardcoded user

HP

2013-02-22Chris MohanPHP 5.4.12 and PHP 5.3.22 released http://www.php.net/ChangeLog-5.php
2013-01-27Tony CarothersHP JetDirect Vulnerabilities Discussed
2013-01-17Russ McReePHP 5.4.11 and PHP 5.3.21 released
2012-09-19Russ McReeScript kiddie scavenging with Shellbot.S
2012-06-14Johannes UllrichPHP 5.4.4 and 5.3.14 released with fixes for DES crypt issue and phar heap overflow
2012-05-08Kevin ListonPHP 5.4.3 and PHP 5.3.13 Released
2012-04-12Guy BruneauHP ProCurve 5400 zl Switch, Flash Cards Infected with Malware
2012-04-05Johannes UllrichEvil hides everywhere: Web Application Exploits in Headers
2012-03-07Johannes UllrichWhat happened to RFI attacks?
2012-02-16Johannes UllrichAdobe Flash Player Update
2012-02-07Johannes UllrichSecure E-Mail Access
2012-02-03Guy BruneauPHP 5.3.10 Released, Fixes CVE-2012-0830 available for download http://www.php.net/archive/2012.php#id2012-02-02-1
2012-02-03Johannes UllrichCritical PHP bug patched
2012-01-16Kevin Shorttphp 5.3.9 released -Jan-10-2011
2012-01-12Rob VandenBrinkPHP 5.39 was release on the 10th, amongst other things, it addresses CVE-2011-4885 (prevents attacks based on hash collisions) and CVE-2011-4566 (integer overflow when parsing invalid exif header)
2011-11-29John BambenekHacking HP Printers for Fun and Profit
2011-08-22Jim ClausingDO NOT upgrade to PHP 5.3.7, significant bug in crypt() function, see http://www.php.net/
2011-08-18Rob VandenBrinkPHP 5.37 release. Some security updates, plus lots of bug fixes ==> http://www.php.net/archive/2011.php#id2011-08-18-1
2011-03-07Johannes UllrichOutbound SSH Traffic from HP Virtual Connect Blades
2010-12-15Manuel Humberto Santander PelaezHP StorageWorks P2000 G3 MSA hardcoded user
2010-08-31Bojan ZdrnjaInteresting PHP injection
2010-08-10Daniel WesemannSSH - new brute force tool?
2010-07-04Manuel Humberto Santander PelaezInteresting analysis of the PHP SplObjectStorage Vulnerability
2010-06-14Manuel Humberto Santander PelaezAnother way to get protection for application-level attacks
2010-05-23Manuel Humberto Santander Pelaeze-mail scam announcing Fidel Castro's funeral ... and nasty malware to your computer.
2010-02-27Guy BruneauPHP 5.2.13 Security Update
2010-01-29Johannes UllrichAnalyzing isc.sans.org weblogs, part 2, RFI attacks
2009-12-28Johannes Ullrich8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug)
2009-11-20Mark Hofman PHP 5.3.1 is released. With many of the websites on the net relying on PHP and the number of attacks we see, consider upgrading. This release has over 100 bug fixes, some of which are security related.
2009-08-01Deborah HaleWebsite Warnings
2009-06-26Mark HofmanPHPMYADMIN scans
2009-06-24Kyle HaugsnessExploit tools are publicly available for phpMyAdmin
2009-06-21Scott FendleyphpMyAdmin Scans
2009-04-07Johannes UllrichCommon Apache Misconception
2009-02-06Adrien de BeaupreTime to patch your HP printers
2009-02-03Swa FrantzenOn the importance of patching fast
2008-12-10Stephen HallPHP Group has released PHP version 5.2.8
2008-09-09Swa Frantzenwordpress upgrade
2008-08-19Johannes UllrichA morning stroll through my web logs
2008-05-05John BambenekPHP 5.2.6 out w/ security updates
2008-04-07John BambenekHP USB Keys Shipped with Malware for your Proliant Server
2006-12-24Swa FrantzenphpBB 2.0.22 - upgrade time
2006-11-29Toby KohlenbergNew Vulnerability Announcement and patches from Apple
2006-09-13Swa FrantzenPHP - shared hosters, take note.

STORAGEWORKS

2010-12-15Manuel Humberto Santander PelaezHP StorageWorks P2000 G3 MSA hardcoded user

MSA

2010-12-15Manuel Humberto Santander PelaezHP StorageWorks P2000 G3 MSA hardcoded user

G3

2010-12-15Manuel Humberto Santander PelaezHP StorageWorks P2000 G3 MSA hardcoded user

P2000

2010-12-15Manuel Humberto Santander PelaezHP StorageWorks P2000 G3 MSA hardcoded user

DEFAULT

2013-03-05Mark HofmanIPv6 Focus Month: Device Defaults
2011-05-30Johannes UllrichAllied Telesis Passwords Leaked
2010-12-15Manuel Humberto Santander PelaezHP StorageWorks P2000 G3 MSA hardcoded user

PASSWORD

2013-05-14Jim ClausingSo what passwords are those ssh scanners trying?
2013-03-18Kevin ShorttCisco IOS Type 4 Password Issue: http://tools.cisco.com/security/center/content/CiscoSecurityResponse/cisco-sr-20130318-type4
2013-01-18Russ McReeInteresting reads for Friday 18 JAN 2013
2013-01-04Daniel WesemannBlue for Reset?
2012-11-15Jim ClausingAnother month another password disclosure breach
2012-07-16Jim ClausingAn analysis of the Yahoo! passwords
2012-06-06Jim ClausingPotential leak of 6.5+ million LinkedIn password hashes
2012-05-22Johannes Ullrichnmap 6 released
2012-01-03Rick WannerAnalysis of the Stratfor Password List
2011-10-10Tom ListonWhat's In A Name?
2011-08-10Johannes UllrichTheoretical and Practical Password Entropy
2011-06-28Johannes UllrichHashing Passwords
2011-05-30Johannes UllrichAllied Telesis Passwords Leaked
2010-12-28John BambenekMozilla Notifies of Relatively Minor Security Breach
2010-12-15Manuel Humberto Santander PelaezHP StorageWorks P2000 G3 MSA hardcoded user
2010-12-13Deborah HaleGawker Media Breach of Security
2010-11-26Mark HofmanUsing password cracking as metric/indicator for the organisation's security posture
2010-08-27Mark HofmanFTP Brute Password guessing attacks
2010-02-25Chris CarboniPass The Hash
2010-02-02Johannes UllrichTwitter Mass Password Reset due to Phishing
2009-12-04Daniel WesemannThe economics of security advice (MSFT research paper)
2009-11-02Daniel WesemannPassword rules: Change them every 25 years
2009-10-23Johannes UllrichLittle new tool: reversing md5/sha1 hashes http://isc.sans.org/tools/reversehash.html
2008-09-22Jim ClausingLessons learned from the Palin (and other) account hijacks
site/port/ip search:

Announcement!

IPv6 Support Added

Our iptables client now supports submitting IPv6 firewall logs.

Get ISC Swag!!

Advertisement

Security News Feeds

InternetStormCenter
SANS Newsbites
SANS @Risk

Diary Archives

e-netprotections.su ? - by: Daniel Wesemann (2013-05-17)

SSL: Another reason not to ignore IPv6 - by: Johannes Ullrich (2013-05-17)

Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability - by: Joel Esler (2013-05-16)

View Diary Archives

Search Diaries:

SANS Institute

View our Privacy Policy

Contact Us

Phone: (757) SANS-ISC (726-7472) - Voice Mail Only
Web Contact: handlers@isc.sans.edu
Report Bugs: Sourceforge Project
Debug Info: Browser Debug Info

"The experiences gained in the SANS Technology Institute program have helped me advance in IBM, taking a more public facing role."
- Jerome Radcliffe, SANS Technology Institute Student

"SANS is a 'giving back to the community factory.' SANS encourages and fosters growing security awareness and growing the security community."
- Rob VandenBrink, Alumni of SANS Technology Institute