Vigil@nce - McAfee Email/Web Gateway, Web Security: multiple vulnerabilities of iDRAC, iLO and IPMI
August 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of iDRAC, iLO and IPMI
of McAfee Web Gateway, McAfee Email Gateway and McAfee Web
Security appliances.
Impacted products: McAfee Email and Web Security, McAfee Email
Gateway, McAfee Web Gateway
Severity: 2/4
Creation date: 31/07/2013
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in McAfee Web Gateway,
McAfee Email Gateway and McAfee Web Security appliances.
An attacker can use an arbitrary password and no encryption, in
order to execute IPMI commands via Dell iDRAC 6 BMC
(VIGILANCE-VUL-13269 (https://vigilance.fr/tree/1/13269?w=66901)).
[severity:2/4; CVE-2013-4783]
An attacker can use an arbitrary password and no encryption, in
order to execute IPMI commands via HP Integrated Lights-Out (iLO)
BMC (VIGILANCE-VUL-13268 (https://vigilance.fr/tree/1/13268?w=66901)).
[severity:2/4; CVE-2013-4784]
An attacker can use iDRAC 6 firmware 1.7, in order to alter the
CLP interface of users. [severity:2/4; CVE-2013-4785]
An attacker can use the RAKP (RMCP+ Authenticated Key-Exchange
Protocol) protocol to obtain hashed IPMI passwords. He can then
use a brute force attack to recover the password. [severity:2/4;
CVE-2013-4786]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN