[nsp-sec] Headsup AS12301 / AS9125 / AS28964 vulnerable ssh logins
James A. T. Rice
james_r-nsp at jump.org.uk
Wed Nov 23 07:27:05 EST 2011
Unfortunately a customer machine was compromised and proceeded to ssh
bruteforce remote networks, a rather sheepish admin has apologised for his
lack of diligence and noted that the scanner succeeded in logging into the
following machines, which in turn could do with better passwords:
vulnerable root account
12301 | 109.105.10.235 | INVITEL Invitel Tavkozlesi Zrt.
vulnerable test account
9125 | 109.111.230.187 | ORIONTELEKOM-AS Drustvo za telekomunikacije Orion telekom doo Beograd, Gandijeva 76a
28964 | 109.111.227.113 | ORIONTELEKOMTIM-AS Orion Telekom Tim d.o.o.Beograd, Nehruova 93A
28964 | 109.111.227.173 | ORIONTELEKOMTIM-AS Orion Telekom Tim d.o.o.Beograd, Nehruova 93A
28964 | 109.111.227.186 | ORIONTELEKOMTIM-AS Orion Telekom Tim d.o.o.Beograd, Nehruova 93A
Thanks
James
More information about the nsp-security
mailing list