Malware shipped with HP switches

Powered by SC Magazine
 

Dirty flash cards could infect computers.

HP has issued a warning to customers after it shipped a string of ProCurve 5400 zl switches with malware-infected compact flash cards.

The infected cards did not pose problems for the switch itself.

HP issued a security advisory that the malware was only a risk if the storage card was removed from the switch and reused in a different device, such as a personal computer.

According to HP, the flash card is the "primary non-volatile storage medium located on the [switch's] management module that contains both the boot software and configuration files".

It is removable, for example, in the event that the card fails.

The gaffe, first reported by The Register, affected HP ProCurve 5400 zl switches that were purchased after April 30 last year.

Users can purge the malware by running a script used on the HP switch manager which the company said will not disrupt operations of the switch. Alternatively the management module can be replaced.

A list of vulnerable models was available on the advisory.

In 2008, AusCERT warned that low-risk malware was shipped on USB drives by HP Australia for its ProLiant servers.

Copyright © SC Magazine, Australia


Malware shipped with HP switches
Tags
 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  70%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 698

Vote