View Profile
View Forum Posts
Private Message
From the SANS.org Newsbites:
--OpenELEC Password Vulnerability
(February 2 & 3, 2016)
Carnegie Mellon University's Computer Emergency Response Team Coordination Center (CERT/CC) has published an alert warning of a password vulnerability in the Open Embedded Linux Entertainment Center (OpenELEC) operating system. The flaw also affects RasPlex for Raspberry Pi devices, as it is based on the open-source OpenELEC distribution. A hard-coded root password for the Secure Shell (SSH) encryption protocol could be used to gain root access to vulnerable devices. CERT recommends several mitigations, including disabling SSH passwords access and restricting network access.
http://www.scmagazine.com/cert-poor-password-policy-leaves-openelec-operating-system-v...rticle/470962/
http://www.kb.cert.org/vuls/id/544527
+ Reply to Thread
Results 1 to 1 of 1
QuoteSimilar Threads
-
Zero-Day FFmpeg Vulnerability
By drjtech in forum Latest Video NewsReplies: 1Last Post: 15th Jan 2016, 12:40 -
Android Root Access Vulnerability Affecting Most Devices
By enim in forum ComputerReplies: 14Last Post: 23rd Jun 2014, 01:37 -
drivelock password sata help me
By krrish in forum ComputerReplies: 5Last Post: 9th Apr 2014, 07:50 -
help needed with getting password
By oggyuk40 in forum SVCD2DVD & VOB2MPGReplies: 5Last Post: 4th Mar 2013, 02:24 -
password for Polaroid DRA01601A
By thirsch in forum DVD & Blu-ray RecordersReplies: 1Last Post: 21st Feb 2011, 21:19