> -----Original Message----- > From: wiz561@xxxxxxxxx [mailto:wiz561@xxxxxxxxx] > Sent: Thursday, June 08, 2006 5:29 PM > To: bugtraq@xxxxxxxxxxxxxxxxx > Subject: Dell Openmanage CD Vulnerability > > > When you boot up using the Dell PowerEdge Installation and > Server Management Disc (P/N: WG126 Rev. A00, October 2005), > there are two major vulnerabilities on the machine. If you > use this disc to boot up and you are connected to a DHCP > network, there is an SSH server running that does not require > a username and password to login. There is also an X11 > server running that accepts connections from anywhere. we also attempted to inform Dell of an installation vulnerability with Microsoft Windows XP pro. After asking us our machine serial number (which I had!) they ignored us. Never to reply back to numerious emails: http://www.secnap.com/alerts.php?pg=8.
