From owner-freebsd-proliant@FreeBSD.ORG Mon Apr 7 21:36:52 2008 Return-Path: Delivered-To: freebsd-proliant@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3D4F21065672 for ; Mon, 7 Apr 2008 21:36:52 +0000 (UTC) (envelope-from edwin@mavetju.org) Received: from mail5out.barnet.com.au (mail5.barnet.com.au [202.83.178.78]) by mx1.freebsd.org (Postfix) with ESMTP id EFD0D8FC12 for ; Mon, 7 Apr 2008 21:36:51 +0000 (UTC) (envelope-from edwin@mavetju.org) Received: by mail5out.barnet.com.au (Postfix, from userid 1001) id 50A602218A92; Tue, 8 Apr 2008 07:36:51 +1000 (EST) X-Viruscan-Id: <47FA93F300012097106CD7@BarNet> Received: from mail5auth.barnet.com.au (mail5.barnet.com.au [202.83.178.78]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "mail5auth.barnet.com.au", Issuer "*.barnet.com.au" (verified OK)) by mail5.barnet.com.au (Postfix) with ESMTP id CA8F921B2262 for ; Tue, 8 Apr 2008 07:36:50 +1000 (EST) Received: from k7.mavetju (k7.mavetju.org [10.251.1.18]) by mail5auth.barnet.com.au (Postfix) with ESMTP id 9AE082218A3A for ; Tue, 8 Apr 2008 07:36:49 +1000 (EST) Received: by k7.mavetju (Postfix, from userid 1001) id 47C7117D; Tue, 8 Apr 2008 07:36:48 +1000 (EST) Date: Tue, 8 Apr 2008 07:36:48 +1000 From: Edwin Groothuis To: freebsd-proliant@freebsd.org Message-ID: <20080407213648.GK3162@k7.mavetju> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.3i Subject: HP USB Keys Shipped with Malware for your Proliant Server X-BeenThere: freebsd-proliant@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion of FreeBSD on HP ProLiant server platforms." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Apr 2008 21:36:52 -0000 Stumbled over this in my RSS feed this morning: http://isc.sans.org/diary.html?storyid=4247 http://www.auscert.org.au/render.html?it=9077 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2008.0354 -- [Appliance] HP USB Floppy Drive Key (Option) for ProLiant Servers, Local Virus Infection 7 April 2008 =========================================================================== [...] VULNERABILITY SUMMARY A potential security vulnerability has been identified with two types of optional HP USB Floppy Drive Keys intended for use with certain ProLiant servers. This vulnerability could cause a local 'W32.Fakerecy' or 'W32.SillyFDC' virus infection. [...] Short story: If you install the USB Floppy Drive Key and run Windows, you have to check the USB stick for viruses first. Edwin -- Edwin Groothuis | Personal website: http://www.mavetju.org edwin@mavetju.org | Weblog: http://www.mavetju.org/weblog/