
Backdoor Found in Dell KACE K1000 Appliance???

Dell - can you please confirm.  What versions does this impact?  If true, how concerned should we be and what is the ETA for a patch?

 

http://console-cowboys.blogspot.com/2014/03/the-curious-case-of-ninjamonkeypiratela.html


12 Comments
  • was reported on version 5.5.90545 - Jbr32 10 years ago
    • Do you happen to know what was actually changed between 5.5.90545 and 5.5.90546? I can't seem to find any release note information about 5.5.90546, but every article I do find is about K1000 hot fixes that work on 5.5.90545 or 5.5.90546. My guess is that 5.5.90546 was a minor bug fix for 5.5.90545 and at some point they pulled 5.5.90545 from being distributed.

      I do not believe 5.5.90546 would be immune to this or any other problems that would exist in 5.5.90545, unless someone can correct me on that point. - cogx 10 years ago
  • ETA on the fix would be great, I've called/emailed support about this security flaw - ms01ak 10 years ago
  • We are aware of this and hope to have a resolution soon - Mary KACE Technical Support - KACE_Mary 10 years ago
    • Mary, if you restrict www access to VPN only, does that protect you? - Jbr32 10 years ago
    • Jbr32, my answer is not official, of course, but if I'm understanding the article correctly, it does appear they would have to be able to reach the web interface in order to launch an attack through this vulnerability. Thankfully we don't have our KBOX open to the outside world at all - BHC-Austin 10 years ago
      • We restrict it via the Kbox ip settings. So if you hit our box from the wan you get the "oops file not found" message so I am hoping we are good. - Jbr32 10 years ago
  • I have a case open as well, FWIW. - etipton 10 years ago
  • A security vulnerability has been identified on the K1000. Affects versions 5.5, 5.4, and 5.3. The vulnerability allows access to the root of a K1000.

    To address this before the fix is available, it is recommended to block all incoming ports and/or disconnect your K1000 from the internet. Especially if your K1000 is in the DMZ. Even if your K1000 is behind a firewall, the most secure defense is to follow these instructions.

    We expect a fix to be issued by the end of today, March 11, 2014, along with further instructions. - KACE_Mary 10 years ago
  • Please see http://www.kace.com/support/resources/kb/solutiondetail?sol=SOL121792
    for Dell's response and updates. - KACE_Mary 10 years ago
    • Mary - I have some questions that I do not want to post here. Should I open a ticket or can you call/ email me to discuss? - Jbr32 10 years ago
  • Jbr32, you can open a ticket and request it be assigned to me. Opening a ticket is the best thing. - KACE_Mary 10 years ago
  • Just wanting to confirm, the forthcoming patch is not yet available, correct? - cogx 10 years ago
  • So much for "a fix to be issued by the end of today, March 11, 2014". New ETA? - etipton 10 years ago
  • Bob - can this post be featured so it does not fall off the homepage? - Jbr32 10 years ago
  • All, the download link for the 5.5 fix is on the SOL article listed above. Please read the note for the 5.5 patch. 5.4 is expected to be available shortly. - KACE_Mary 10 years ago
  • The hotfix for 5.4 has been updated in this article: http://www.kace.com/support/resources/kb/solutiondetail?sol=SOL121792
    5.5 and 5.4 hotfixes are listed. - KACE_Mary 10 years ago

Answers (0)
