Navigation

    ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups

    EMC and VMware Vulnerabilities Come to Light

    News
    vmware emc security
    4
    7
    901
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • mlnews
      mlnews last edited by

      https://arstechnica.com/information-technology/2018/01/emc-vmware-security-bugs-throw-gasoline-on-cloud-security-fire/

      While everyone was screaming about Meltdown and Spectre, another urgent security fix was already in progress for many corporate data centers and cloud providers who use products from Dell's EMC and VMware units. A trio of critical, newly reported vulnerabilities in EMC and VMware backup and recovery tools—EMC Avamar, EMC NetWorker, EMC Integrated Data Protection Appliance, and vSphere Data Protection—could allow an attacker to gain root access to the systems or to specific files, or inject malicious files into the server's file system. These problems can only be fixed with upgrades. While the EMC vulnerabilities were announced late last year, VMware only became aware of its vulnerability last week.

      1 Reply Last reply Reply Quote 4
      • black3dynamite
        black3dynamite last edited by black3dynamite

        Backup and recovery tools that is meant to protect us against disaster or whatnot is capable of allowing hackers root access.

        DustinB3403 1 Reply Last reply Reply Quote 1
        • DustinB3403
          DustinB3403 @black3dynamite last edited by DustinB3403

          @black3dynamite said in EMC and VMware Vulnerabilities Come to Light:

          Backup and recovery tools that is meant to protect us against disaster or whatnot is capable of allowing hackers root access.

          The issue appears to stem from EMC and VMWare, in the way that the backup solutions are forced to operate.

          1 Reply Last reply Reply Quote 1
          • scottalanmiller
            scottalanmiller last edited by

            Partly, I'm sure, it stems from the massive complexities of these systems. An advantage to DevOps style backups is how simple they are. So much less to go wrong, because they try to do so much less.

            black3dynamite 1 Reply Last reply Reply Quote 1
            • black3dynamite
              black3dynamite @scottalanmiller last edited by

              @scottalanmiller said in EMC and VMware Vulnerabilities Come to Light:

              Partly, I'm sure, it stems from the massive complexities of these systems. An advantage to DevOps style backups is how simple they are. So much less to go wrong, because they try to do so much less.

              What is a DevOps style backups? Using something like rsync?

              scottalanmiller 1 Reply Last reply Reply Quote 0
              • scottalanmiller
                scottalanmiller @black3dynamite last edited by

                @black3dynamite said in EMC and VMware Vulnerabilities Come to Light:

                @scottalanmiller said in EMC and VMware Vulnerabilities Come to Light:

                Partly, I'm sure, it stems from the massive complexities of these systems. An advantage to DevOps style backups is how simple they are. So much less to go wrong, because they try to do so much less.

                What is a DevOps style backups? Using something like rsync?

                Rsync could certainly be a tool for that.

                1 Reply Last reply Reply Quote 0
                • scottalanmiller
                  scottalanmiller last edited by

                  Youtube Video

                  1 Reply Last reply Reply Quote 2
                  • First post
                    Last post