New Supermicro IPMI/BMC Vulnerability
A new vulnerability has been released by the CARI.net team regarding Supermicroâ??s implementation of IPMI/BMC for management. The vulnerability involves a plaintext password file available for download simply by connecting to the specific port, 49152. One of our team has tested this vulnerability, and it works like a champ, so letâ??s add another log to the fire and spread the good word. The CARI.net team has a great writeup on the vulnerability linked below:
http://blog.cari.net/carisirt-yet-another-bmc-vulnerability-and-some-added-extras/
Much thanx to the Zach at CARI.net for the heads-up.
tony d0t carothers --gmail
×
![]()
Diary Archives
