Last Updated: 2014-06-19 21:52:47 UTC
by Tony Carothers (Version: 1)
A new vulnerability has been released by the CARI.net team regarding Supermicro‚??s implementation of IPMI/BMC for management. The vulnerability involves a plaintext password file available for download simply by connecting to the specific port, 49152. One of our team has tested this vulnerability, and it works like a champ, so let‚??s add another log to the fire and spread the good word. The CARI.net team has a great writeup on the vulnerability linked below:
Much thanx to the Zach at CARI.net for the heads-up.
tony d0t carothers --gmail