Vigil@nce - IBM hardware: multiple vulnerabilities of IPMI via IMM
August 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use several vulnerabilities of the IMM (Integrated
Management Module) in IBM hardware.
– Impacted products: Windows (platform), Unix (platform)
– Severity: 2/4
– Creation date: 13/08/2013
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in the IMM (Integrated
Management Module) of IBM hardware. They are related to the IPMI
(Intelligent Platform Management Interface).
The IMM password is stored in clear text. [severity:2/4;
CVE-2013-4038]
An attacker can use the RAKP (RMCP+ Authenticated Key-Exchange
Protocol) protocol to obtain hashed IPMI passwords. He can then
use a brute force attack to recover the password. [severity:2/4;
CVE-2013-4037]
The default password for IMM and IMM2 is constant. [severity:2/4;
CVE-2013-4031]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/IBM-hardware-multiple-vulnerabilities-of-IPMI-via-IMM-13267