
Submission + - Supermicro IPMI Plaintext Passwords Exposed (threatpost.com)

msm1267 writes: Much has been written about the insecurity of the IPMI protocol present inside embedded baseboard management controllers (BMCs). Serious vulnerabilities can be exploited to gain remote control over big servers running BMCs, in particular in hosting environments where the controllers help admins with remote management of crucial industrial functions, for example. And despite alerts and warnings from prominent figures in computer security such as Dan Farmer and HD Moore, and patches from vendors, the news keeps getting worse.

The security incident response team for San Diego-based cloud hosting provider CARI.net yesterday disclosed that a file storing passwords in plain text is open over port 49152. Close to 32,000 vulnerable systems responded to a GET /PSBlock query on the Shodan search engine over port 49152; more than 9.8 million hosts responded in total.

“You can quite literally download the BMC password file from any UPnP enabled Supermicro motherboard running IPMI on a public interface,” said Zachary Wikholm, senior security engineer with CARI.net.

The PSBlock password file is found in an XML file stored inside a particular directory, Wikholm said, adding that he notified Supermicro of the issue in November to no avail. Wikholm said anything stored in the directory, including server.pem files, wsman admin passwords and netconfig files, is available.
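For readers who want to check their own BMCs: the check below is an added example, not code from the article, CARI.net or Supermicro. It assumes only what the submission states (an unauthenticated HTTP GET /PSBlock on TCP 49152 returns the file) and classifies the response; it does not reproduce or parse the file contents. The mock BMC it talks to when run stand-alone is a constructed stand-in, and its body is placeholder text, not a real PSBlock.

```python
"""Check whether a host serves the Supermicro BMC /PSBlock file on TCP 49152.

Added example, not from the article or CARI.net. Assumes only what the post
states: an unauthenticated HTTP GET /PSBlock on port 49152 returns the file.
The mock server and its body are constructed stand-ins, not a real PSBlock.
"""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

PSBLOCK_PORT = 49152
PSBLOCK_PATH = "/PSBlock"


def classify_response(status, body):
    """Map an HTTP response for GET /PSBlock to a verdict string.

    A 200 with a non-empty body means the file is handed out without
    authentication, which is the exposure the article describes. A 401/403
    means the server at least challenged us; anything else is not exposed.
    """
    if status == 200 and body:
        return "EXPOSED"
    if status in (401, 403):
        return "AUTH_REQUIRED"
    return "NOT_EXPOSED"


def check_host(host, port=PSBLOCK_PORT, timeout=5.0):
    """Return (verdict, http_status, body_length) for host:port/PSBlock.

    Network errors (closed port, timeout, reset) give verdict 'UNREACHABLE'.
    Only the first 64 KiB of the body are read; that is enough to classify
    and avoids pulling an unbounded response from an unknown device.
    """
    try:
        conn = http.client.HTTPConnection(host, port, timeout=timeout)
        conn.request("GET", PSBLOCK_PATH)
        resp = conn.getresponse()
        body = resp.read(65536)
        conn.close()
    except (OSError, http.client.HTTPException):
        return ("UNREACHABLE", None, 0)
    return (classify_response(resp.status, body), resp.status, len(body))


class MockBmc(BaseHTTPRequestHandler):
    """Constructed stand-in for an exposed BMC: serves /PSBlock to anyone."""

    # Placeholder bytes; the real file layout is not shown in the article
    # and is deliberately not reproduced here.
    FAKE_PSBLOCK = b"<constructed sample: not a real PSBlock file>\n"

    def do_GET(self):
        if self.path == PSBLOCK_PATH:
            self.send_response(200)
            self.send_header("Content-Type", "application/octet-stream")
            self.send_header("Content-Length", str(len(self.FAKE_PSBLOCK)))
            self.end_headers()
            self.wfile.write(self.FAKE_PSBLOCK)
        else:
            self.send_error(404)

    def log_message(self, *args):  # keep stand-alone runs quiet
        pass


def start_mock_bmc():
    """Start the constructed mock BMC on a free loopback port; return (server, port)."""
    srv = HTTPServer(("127.0.0.1", 0), MockBmc)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, srv.server_address[1]


if __name__ == "__main__":
    # Stand-alone demo against the constructed mock; for a real BMC call
    # check_host("<bmc-ip>") and expect "EXPOSED" if it is affected.
    srv, port = start_mock_bmc()
    print("mock BMC on", port, "->", check_host("127.0.0.1", port))
    srv.shutdown()
```

Run it against an IPMI management address you own; an "EXPOSED" verdict means the BMC should be pulled off any public interface immediately and the credentials in that directory rotated, since the file was readable by anyone who could reach the port.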
