Vulnerabilities > CVE-2007-3232 - Unspecified vulnerability in IBM Totalstorage Ds400 4.15
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root, (2) user, (3) manager, (4) administrator, and (5) operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 1 |
References
- http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0244.html
- http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0244.html
- http://osvdb.org/41610
- http://osvdb.org/41610
- http://www.securityfocus.com/bid/24452
- http://www.securityfocus.com/bid/24452
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34967
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34967