CARISIRT: Yet Another BMC Vulnerability

Coy Hile coy.hile at
Fri Jun 20 01:42:04 UTC 2014

On Jun 19, 2014, at 7:41 PM, Markus <universe at> wrote:

> = simple telnet commands displays passwords of BMCs. Damn Supermicro, please hire some new programmers! :(

And here I was hoping it would be something useful like a vulnerability that would put BMC (the company) out of business!  Don’t get my hopes up like that!

More reason that one shouldn’t make his OOB net generally accessible.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2251 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list