
System admins warned of security issues with GE Ethernet switches


January 15, 2015


General Electric is the latest industrial equipment maker to warn system admins to patch their devices to protect against hard-coded credentials in various Ethernet switches.

IOActive disclosed the security vulnerability to ICS-CERT, which issued an advisory.

The security vulnerability occurs in various GE Multilink managed Ethernet switches.

The affected models are the ML-800, 1200, 1600 and 2400 at versions 4.2.1 and older, and the ML-810, 3000 and 3100 at versions older than 5.2.0.

In those switches, the RSA key used to encrypt SSL traffic is hard-coded in the firmware, which needs to be updated. The company has issued patch instructions on its website.

It's important to note that ICS-CERT says the skill level needed to remotely exploit the vulnerability is fairly low.

After patching a system, administrators should generate new key pairs for their networks, and as GE notes, “it is recommended that the user perform the key exchange over a serial connection to prevent a third party from capturing the new key”.

There is more: the admin Web server for the switches is also subject to a crafted-packet denial-of-service attack.

The only repair for this is to disable the server and manage the switch through its command line interface.

Additionally, GE notes that IOActive's Eireann Leverett, who discovered and disclosed these security vulnerabilities, has also found a third attack vector, which GE is now investigating as well.

Source: General Electric.
