It's been my experience that when you find a bunch of bugs like this, there will be a lot more hiding in the shadows - sure, they can patch this lot, but it strongly suggests that there's more to come.
Aruba Networks is slinging patches at a bunch of vulnerabilities in management platforms, its Aruba Instant Platform, and its proprietary ArubaOS PAPI management API. The company posted three advisories here after Google put it on a 90-day deadline, with the Chocolate Factory's Sven Blumenstein dropping a consolidated report …
Yep. Aruba (HP) has had a lot of issues, 6.X to present. Worked as their wireless engineer for 4 years and during that time their motto, put in field and fix later. The old reactive instead of proactive. It got to the point was fixing more than installing. But what do I know, only been in wireless since 00, the old "b" days forward. I guess all the OEM certs and applied concepts of the past are the dartboards of today. Rinse, repeat.
Biting the hand that feeds IT © 1998–2020