Arkeia Server Blank Default Root Password Vulnerability

Arkeia Server is an enterprise-based backup software solution distributed and maintained by Knox Software.

The Arkeia Server software packages does not set the root password by default. If the software package is installed on an insecure network, this makes it possible for a remote user with an Arkeia client to gain access to the Arkeia server before the password is set by the administrator, and log in as root.


 

Privacy Statement
Copyright 2010, SecurityFocus