Results 1 to 8 of 8
  1. #1
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,290

    Supermicro IPMI Vulnerabilities

    I won't link directly to the POC however you can read about it / get to it from here:

    https://community.rapid7.com/communi...ulnerabilities

    A key part of this:

    Exploitation of these vulnerabilities would result in remote code execution as the root user account.
    IPMI updates: http://supermicro.com/support/bios/firmware0.aspx


    Just another reason it is a bad idea to run IPMI on the public internet.
    Last edited by Steven; 11-18-2013 at 07:17 PM.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  2. #2
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,290
    I have not verified yet, but it would appear in my thinking that if you ACL it, you are immune since the ACL is basically iptables from what I saw.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  3. #3
    Join Date
    Oct 2000
    Posts
    1,653
    Does anyone know if the new firmware is compatible with the X9SCM-iiF? It still lists the old firmware as the latest version...
    [QuickPacket™] [AS46261]
    Located in Atlanta, GA and Los Angeles, CA
    Dedicated Servers, KVM, Xen & OpenVZ VPS, Co-location, R1Soft Data Backup, Shared & Reseller Hosting

  4. #4
    Quote Originally Posted by qps View Post
    Does anyone know if the new firmware is compatible with the X9SCM-iiF? It still lists the old firmware as the latest version...
    Yes works with the SCM-iif board, just updated a load of those (SMT_X9_315.zip)

    Thanks for the heads up Steven
    OnePoundWebHosting
    UK Shared & Reseller HostingDomain Registration
    UK XEN VPSPV & HVM
    99.9% Uptime GuaranteeUK Ltd Company, Established 2006

  5. #5
    Quote Originally Posted by Steven View Post
    I have not verified yet, but it would appear in my thinking that if you ACL it, you are immune since the ACL is basically iptables from what I saw.
    It is literally iptables I think. It doesn't just block web console logins but any traffic to the IPMI IP.
    RamNode - #1 SSD VPS
    High Performance SSD and SSD-Cached VPS
    NYC - LA - ATL - SEA - NL - 1Gbps - IPv6 - DDoS Protection - AS3842
    Get your super fast VPS today! - www.ramnode.com

  6. #6
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,290
    Quote Originally Posted by Nick A View Post
    It is literally iptables I think. It doesn't just block web console logins but any traffic to the IPMI IP.
    Confirmed.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

  7. #7
    Join Date
    Mar 2005
    Location
    Ten1/0/2
    Posts
    2,509
    So at the very least, if IPMI is on a public network it should be strictly limited via the IPMI firewall to only allow a very small subset of hosts to connect - especially so if it is not patched against this vulnerability!
    CPanel Shared and Reseller Hosting, OpenVZ VPS Hosting. West Coast (LA) Servers and Nodes
    Running Linux since 1.0.8 Kernel!
    Providing Internet Services since 1995 and Hosting Since 2004

  8. #8
    Join Date
    Mar 2003
    Location
    California USA
    Posts
    13,290
    Quote Originally Posted by RRWH View Post
    So at the very least, if IPMI is on a public network it should be strictly limited via the IPMI firewall to only allow a very small subset of hosts to connect - especially so if it is not patched against this vulnerability!
    Correct. If it has to be on the public network, then lock her down.
    Steven Ciaburri | Industry's Best Server Management - Rack911.com
    Software Auditing - 400+ Vulnerabilities Found - Quote @ https://www.RACK911Labs.com
    Fully Managed Dedicated Servers (Las Vegas, New York City, & Amsterdam) (AS62710)
    FreeBSD & Linux Server Management, Security Auditing, Server Optimization, PCI Compliance

Similar Threads

  1. Supermicro IPMI problems...
    By Draytoc in forum Colocation and Data Centers
    Replies: 8
    Last Post: 11-26-2013, 11:23 AM
  2. Supermicro IPMI
    By GarrisonHost-John in forum Colocation and Data Centers
    Replies: 7
    Last Post: 03-23-2011, 01:26 PM
  3. SuperMicro 's IPMI
    By Peter-SexyWing in forum Colocation and Data Centers
    Replies: 16
    Last Post: 07-10-2010, 04:51 PM
  4. Supermicro IPMI
    By opax in forum Colocation and Data Centers
    Replies: 6
    Last Post: 04-29-2009, 12:13 PM
  5. Supermicro IPMI
    By DevelopAl in forum Colocation and Data Centers
    Replies: 14
    Last Post: 03-10-2006, 02:17 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •