[Full-disclosure] Dell iDRAC6
Jeffrey Walton
noloader at gmail.com
Fri Jul 8 02:59:32 BST 2011
On Thu, Jul 7, 2011 at 9:27 PM, phil <jabea at jabea.net> wrote:
> Is it only me, but the iDRAC6 from Dell is kinda insecure. The default
> username and password is always root / calvin. (I configured a lot of Dell
> server from like R610 to NX3000 and they all share that default password)
I have found Dell to be very insecure - from their BIOS to their
applications. I've tried to report a number of issues over the years
and all have been ignored. For example, emails to
{secure|security}@dell.com are received but ignored; and calls to
their tech support (overseas call centers) to report a vulnerability
get you transferred into the bit bucket.
I no longer purchase anything Dell. It does not matter if its personal
computers to business servers.
Jeff
Full-Disclosure is hosted and sponsored by Secunia.