• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

ISS RealSecure for Nokia IDS Devices Default KeyAdministrator Entry Vulnerability

It has been reported that the default configuration of RealSecure 6.0 for the Nokia IDS device platform may allow for compromise of sensor systems. An entry exists in the 'ISS.ACCESS' configuration file by default that may allow for an attacker to push public keys to the device. This may result in the attacker gaining control of the device.