Warning: file_put_contents(/srv/users/serverpilot/apps/bitupdateus/public/wp-content/plugins/bulk-post-0.4-1/cache/sessions//Pbdas66RGvEVw0hnyW1AloE2h7QlC0sgFtPfZitu): failed to open stream: No space left on device in /srv/users/serverpilot/apps/bitupdateus/public/wp-content/plugins/stupidpie-1.8.3-1/vendor/illuminate/filesystem/Filesystem.php on line 122
  Lenovo finds backdoor in its own network switches | Bit Updates
Home » bitcoin updates » Lenovo finds backdoor in its own network switches

Lenovo finds backdoor in its own network switches

Saturday, January 13th, 2018 | bitcoin updates

             The compromised switch models, which now belong to Lenovo's portfolio, had originally been developed by the long-neglected network supplier Nortel.


        Chinese company Lenovo reports that it has found undocumented access to its RackSwitch and BladeCenter enterprise switches. The backdoor is in corporate networks with the ENOS operating system (Enterprise Network Operating System) and was noticed in an internal security control. The backdoor allowed unauthenticated and unauthorized access to the switches.
According to Lenovo, the secret access was already set in 2004, at a time when ENOS was still part of the Blade Server Switch Business Unit (BSSBU) of the former network equipment supplier Nortel. The backdoor had demanded a Nortel OEM customer. In Lenovo's Security Advisory she is referred to as "HP backdoor". It apparently also went undetected when Nortel's Switch division was spun off into Blade Network Technologies (BNT) in 2006 and went to IBM in 2010 under the name BLADE. Lenovo finally took over BLADE from IBM in 2014.
BLADE had stated in 2010 that the company no longer had any products or relationships with Nortel, and that both hardware design and software were standalone BLADE products.
Updates to Lenovo but also IBM switches that bypass authentication and authorization are unacceptable to the organization and are in violation of in-house security policies, Lenovo said. The backdoor mechanism has been removed from the ENOS source code, there is now an updated firmware for the products in question.
Updates are also available for the older series, which were still sold under IBM's brand name. Lenovo has published a list of all the devices for which updates are available, as well as download links of the firmware, in its Security Advisory (CVE-2017-3765). The backdoor does not exist in the Cloud Network Operating System (CNOS). Secret access is not a hidden access but a mechanism that bypasses authentication and requires very specific conditions. Lenovo also describes details in Security Advisory.




B & W PX: Bowers &

                              Beginning                 General                 particularities                 Comments                       All about Bowers & Wilkins

The three most interestin

ICOs are currently attracting considerable attention and interest. Accordingly, many projects are currently

UFO program of the Pentag

                         A video from a US fighter aircraft from 2004 allegedly

Billions in volume: Disne

Sign up now! The investment opportunities for 2018 will be the focus of