Last Updated: 2013-06-20 01:39:36 UTC
by Guy Bruneau (Version: 1)
HP released a security bulletin on a potential remote unauthorized access with HP Integrated Lights-Out iLO3/iLO4 using Single-Sign-On.
CVE-2013-2338 has been assigned and the following versions are impacted:
HP Integrated Lights-Out 3 (iLO3) firmware versions prior to v1.57.
HP Integrated Lights-Out 4 (iLO4) firmware versions prior to v1.22.
If you are impacted, HP recommends upgrading as soon as possible. The current version is available here.
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu
If you have more information or corrections regarding our diary, please share.
|2013-06-20||Guy Bruneau||HP iLO3/iLO4 Remote Unauthorized Access with Single-Sign-On (0 Comments)|
|2013-06-19||Kevin Liston||WinLink Check-In (2 Comments)|
|2013-06-18||Russ McRee||Volatility rules...any questions? (0 Comments)|
|2013-06-18||Russ McRee||EMET 4.0 is now available for download (1 Comments)|
|2013-06-17||Daniel Wesemann||SANSFIRE 2013 (0 Comments)|
|2013-06-16||Tony Carothers||A scan is a scan is a scan (12 Comments)|
|2013-06-14||Richard Porter||When Hotel Alarms Sound (10 Comments)|
|2013-06-12||Johannes Ullrich||Stupid Little IPv6 Tricks (0 Comments)|
|2013-06-11||Swa Frantzen||Store passwords the right way in your application (14 Comments)|
|2013-06-11||Swa Frantzen||Microsoft June 2013 Black Tuesday Overview (3 Comments)|