CVE-2007-3232 Information

Description

The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the (1) root (2) user (3) manager (4) administrator and (5) operator accounts which allows remote attackers to gain login access via certain Linux daemons including a telnet daemon on a nonstandard port tcp/6000.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0244.html http://osvdb.org/41610 http://www.securityfocus.com/bid/24452 https://exchange.xforce.ibmcloud.com/vulnerabilities/34967