Hidden admin user on every HP MSA2000 G3 - Garbage
http://seclists.org/bugtraq/2010/Dec/102

======
evgeny0
I can just see it now...

    - A hidden admin account is perfect for debugging and support!
    - What if someone guesses the password?
    - Nah, who the hell is gonna guess THAT?!

~~~
nkassis
The exclamation at the beginning would throw off most script kiddies.
Seriously, who puts an exclamation point at the beginning?

~~~
iuguy
Someone who's _really, really excited_ about their new admin account.

------
jkahn
For those that don't know, an HP MSA2000 is a baby SAN - a small business
storage array.

There's not a lot of info in that post, and I don't see any other posts in the
thread. This is an issue if it can be accessed remotely, but not a big deal if
it requires a console cable.

Even if it CAN be accessed remotely, it shouldn't be as big an issue as you'd
think. SANs are usually not connected to the Internet and the management ports
should be set on separate management VLANs. The number of SAN installs I've
seen where the SAN engineer installing it left the passwords at the default
and the customer never changed them is mind-boggling, anyway.

Not to take away from the importance of something like this, but it's not as
severe as say, a remote-root exploit in Linux.

------
ra
If this is for real then it's flabbergasting.

------
privacyguru
We added a little more info here --
[http://www.securityweek.com/backdoor-vulnerability-discovered-hp-msa2000-storage-systems](http://www.securityweek.com/backdoor-vulnerability-discovered-hp-msa2000-storage-systems)

------
patrickgzill
Pretty serious, considering that these devices can do iSCSI - meaning any
machine with access to it over the LAN, such as any machine that is getting
some iSCSI storage from the device, can now do nefarious things.

~~~
zsouthboy
I don't know about others, but we put all our iSCSI stuff on a physically
disparate network, separate NICs, separate switches.

Doesn't help if someone has physical access to the datacenter, but that's a
given.

~~~
patrickgzill
Would it not be the case, that a compromised machine that was mounting iSCSI,
might then be able to access the hidden admin feature? It could then mount
other volumes read-only and read data meant to be private...

~~~
thehigherlife
Not necessarily. In most cases administration access to these things is on an
entirely separate network from the connection protocol. Having an iSCSI / NFS
connection isn't enough; you'd also have to be on the same network as the
management interface.

------
spuz
Does anyone know what an HP MSA2000 G3 is? Google vaguely hints that it could
be a laptop.

~~~
crocowhile
A laptop?! This is the first result on Google:
[http://h10010.www1.hp.com/wwpc/us/en/sm/WF04a/12169-304616-241493-241493-241493.html](http://h10010.www1.hp.com/wwpc/us/en/sm/WF04a/12169-304616-241493-241493-241493.html)

~~~
maukdaddy
A laptop for VERY strong people with huge storage needs ;)

------
iwwr
FreeNAS solves all these hidden vendor problems.

~~~
wazoox
I'm not sure it solves our fibre channel needs...

------
somabc
Has anyone confirmed this in the wild?

~~~
jbarber
It works on one I have; the interesting thing will be to see if it works on
other recent MSA arrays as well.

------
stewsnooze
Is this Hacker News or Hacker Leaks? Everybody run.....