Vigil@nce - Dell hardware: multiple vulnerabilities of IPMI via iDRAC
August 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of the iDRAC (Dell
Remote Access Card) in Dell hardware.
– Impacted products: OpenManage System Management, Windows
(platform), Unix (platform)
– Severity: 2/4
– Creation date: 13/08/2013
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in the iDRAC (Dell Remote
Access Card) of Dell hardware. They are related to the IPMI
(Intelligent Platform Management Interface).
The default password is constant. [severity:2/4]
An IPMI session can be encrypted. The "Cipher Suite 0" disables
the encryption. However, due to a conception error, the
authentication is also disabled. An attacker can therefore use an
arbitrary password and no encryption, in order to execute IPMI
commands. [severity:2/4]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Dell-hardware-multiple-vulnerabilities-of-IPMI-via-iDRAC-13269