IPMI vulnerabilities

Jeroen Massar jeroen at massar.ch
Tue Jul 2 15:32:34 UTC 2013


On 2013-07-02 16:51 , Steven Bellovin wrote:
> http://www.wired.com/threatlevel/2013/07/ipmi/
> 
> Capsule summary: watch out!

Indeed! But it is should be logical, as IPMI is supposed to be for OOB
access right? :)

Anybody not putting them behind a properly restricted firewall and/or
VLAN is asking for issues... typical IPMI boxes run outdated linux
kernels, with nice olddated userspace and a whole lot of tools that one
can not really restrict access to, thus it is quite silly to have that
access open to the public.

Greets,
 Jeroen





More information about the NANOG mailing list