[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CARISIRT: Yet Another BMC Vulnerability

Subject: CARISIRT: Yet Another BMC Vulnerability
From: coy.hile at coyhile.com (Coy Hile)
Date: Thu, 19 Jun 2014 21:42:04 -0400
In-reply-to: <[email protected]>
References: <[email protected]>

On Jun 19, 2014, at 7:41 PM, Markus <universe at truemetal.org> wrote:

> http://blog.cari.net/carisirt-yet-another-bmc-vulnerability-and-some-added-extras/
> 
> = simple telnet commands displays passwords of BMCs. Damn Supermicro, please hire some new programmers! :(
> 

And here I was hoping it would be something useful like a vulnerability that would put BMC (the company) out of business!  Donâ??t get my hopes up like that!

More reason that one shouldnâ??t make his OOB net generally accessible.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2251 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140619/f20b9912/attachment.bin>

References:
- CARISIRT: Yet Another BMC Vulnerability
  - From: universe at truemetal.org (Markus)

Prev by Date: Ars Technica on IPv4 exhaustion
Next by Date: Ars Technica on IPv4 exhaustion
Previous by thread: CARISIRT: Yet Another BMC Vulnerability
Next by thread: Canada and IPv6 (& DNSSEC)
Index(es):
- Date
- Thread