CARISIRT: Yet Another BMC Vulnerability

• Previous message (by thread): CARISIRT: Yet Another BMC Vulnerability
• Next message (by thread): Canada and IPv6 (& DNSSEC)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Jun 19, 2014, at 7:41 PM, Markus <universe at truemetal.org> wrote:

> http://blog.cari.net/carisirt-yet-another-bmc-vulnerability-and-some-added-extras/
> 
> = simple telnet commands displays passwords of BMCs. Damn Supermicro, please hire some new programmers! :(
> 

And here I was hoping it would be something useful like a vulnerability that would put BMC (the company) out of business!  Don’t get my hopes up like that!

More reason that one shouldn’t make his OOB net generally accessible.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2251 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140619/f20b9912/attachment.bin>

• Previous message (by thread): CARISIRT: Yet Another BMC Vulnerability
• Next message (by thread): Canada and IPv6 (& DNSSEC)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]