Saturday, August 14, 2010

Have You Scanned Your Network for Any Vulnerable VxWorks Devices Yet?

VxWorks is an embedded operating system found on a wide variety of devices – including some things commonly found on enterprise networks like network storage devices, printers, external RAID controllers, and some other types of control devices. You should probably scan your networks using something like the new VxWorks scanning facility in Metasploit to be assured that you don't have any vulnerable devices on your network. The links below will help you get started.


References:
Description of current issues with VxWorks:
http://blog.metasploit.com/2010/08/vxworks-vulnerabilities.html

US-CERT advisory
http://www.kb.cert.org/vuls/id/362332

Wikipedia link describing VxWorks - includes list of some known VxWorks-based devices
https://secure.wikimedia.org/wikipedia/en/wiki/VxWorks


email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity

No comments:

Post a Comment