Computer Security
[EN] securityvulns.ru no-pyccku


HP Integrated Lights-Out unauthorized access
Published:07.04.2014
Source:
SecurityVulns ID:13665
Type:remote
Threat Level:
5/10
Description:Information leakage of password.
Affected:HP : Integrated Lights-Out 3
 HP : Integrated Lights-Out 4
 HP : Integrated Lights-Out 2
CVE:CVE-2013-4786 (The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC.)
Original documentdocumentHP, [security bulletin] HPSBHF02981 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO2, iLO3, iLO4), IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) (07.04.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod