ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    EMC and VMware Vulnerabilities Come to Light

    Scheduled Pinned Locked Moved News
    vmwareemcsecurity
    7 Posts 4 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • mlnewsM
      mlnews
      last edited by

      https://arstechnica.com/information-technology/2018/01/emc-vmware-security-bugs-throw-gasoline-on-cloud-security-fire/

      While everyone was screaming about Meltdown and Spectre, another urgent security fix was already in progress for many corporate data centers and cloud providers who use products from Dell's EMC and VMware units. A trio of critical, newly reported vulnerabilities in EMC and VMware backup and recovery tools—EMC Avamar, EMC NetWorker, EMC Integrated Data Protection Appliance, and vSphere Data Protection—could allow an attacker to gain root access to the systems or to specific files, or inject malicious files into the server's file system. These problems can only be fixed with upgrades. While the EMC vulnerabilities were announced late last year, VMware only became aware of its vulnerability last week.

      1 Reply Last reply Reply Quote 4
      • black3dynamiteB
        black3dynamite
        last edited by black3dynamite

        Backup and recovery tools that is meant to protect us against disaster or whatnot is capable of allowing hackers root access.

        DustinB3403D 1 Reply Last reply Reply Quote 1
        • DustinB3403D
          DustinB3403 @black3dynamite
          last edited by DustinB3403

          @black3dynamite said in EMC and VMware Vulnerabilities Come to Light:

          Backup and recovery tools that is meant to protect us against disaster or whatnot is capable of allowing hackers root access.

          The issue appears to stem from EMC and VMWare, in the way that the backup solutions are forced to operate.

          1 Reply Last reply Reply Quote 1
          • scottalanmillerS
            scottalanmiller
            last edited by

            Partly, I'm sure, it stems from the massive complexities of these systems. An advantage to DevOps style backups is how simple they are. So much less to go wrong, because they try to do so much less.

            black3dynamiteB 1 Reply Last reply Reply Quote 1
            • black3dynamiteB
              black3dynamite @scottalanmiller
              last edited by

              @scottalanmiller said in EMC and VMware Vulnerabilities Come to Light:

              Partly, I'm sure, it stems from the massive complexities of these systems. An advantage to DevOps style backups is how simple they are. So much less to go wrong, because they try to do so much less.

              What is a DevOps style backups? Using something like rsync?

              scottalanmillerS 1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @black3dynamite
                last edited by

                @black3dynamite said in EMC and VMware Vulnerabilities Come to Light:

                @scottalanmiller said in EMC and VMware Vulnerabilities Come to Light:

                Partly, I'm sure, it stems from the massive complexities of these systems. An advantage to DevOps style backups is how simple they are. So much less to go wrong, because they try to do so much less.

                What is a DevOps style backups? Using something like rsync?

                Rsync could certainly be a tool for that.

                1 Reply Last reply Reply Quote 0
                • scottalanmillerS
                  scottalanmiller
                  last edited by

                  Youtube Video

                  1 Reply Last reply Reply Quote 2
                  • 1 / 1
                  • First post
                    Last post