[EAS] Digital Alert Systems From Monroe Electronics Contain a Known SSH Private Key and are Vulnerable to Remote Attack
Barry Mishkind
barry at oldradio.com
Tue Jul 9 13:03:42 CDT 2013
This is old news, apparently recycled by someone who wants his 15 minutes.
DAS firmware was updated in April to block the suggested issues.
And the company made the effort to reach out to customers to make sure they knew about the update and helped them do the install when needed.
More information was published in early May. The link is here: http://www.thebdr.net/articles/fcc/eas/EAS-Q5.pdf
Basically, a non-story.
At 09:43 AM 7/9/2013, Richard Langevin - EMERMGTX wrote:
>All,
>>From a IT friend of mine
>Well, so even if you change the login username and password, they're still not always safe.
>
>http://www.securityweek.com/root-ssh-key-compromised-emergency-broadcast-systems
>
>http://www.ioactive.com/pdfs/IOActive_DASDEC_vulnerabilities.pdf
>
>Richard Langevin
>Maricopa County Dept of Emergency Management
More information about the EAS
mailing list