CVE-2012-4112

CVE-2012-4112 affects the Cisco UCS Baseboard Management Controller (BMC). A vulnerability in the BMC’s command-line interface (CLI) allows a locally authenticated attacker to inject arbitrary commands with elevated privileges due to improper filtering of user-supplied parameters. Exploitation re...

Cisco Unified Computing System Baseboard Management Controller Arbitrary File Access Vulnerability

A vulnerability in the Baseboard Management Controller BMC local file editor of the Cisco Unified Computing System could allow an authenticated, local attacker to modify the contents of arbitrary files on the fabric interconnect. The vulnerability is due to a failure to properly sanitize user...

CVE-2012-4096

The CVE-2012-4096 issue affects Cisco UCS BMC local file editor. Affected product: Cisco Unified Computing System BMC. Description in Cisco advisory and Red Hat/NVD entries confirms that an authenticated, local attacker can modify arbitrary files on the fabric interconnect by abusing the local fi...

Cisco Unified Computing System Baseboard Management Controller Privilege Escalation Vulnerability

A vulnerability in the Baseboard Management Controller BMC of Cisco Unified Computing System could allow an authenticated, remote attacker to access services with elevated privileges. The vulnerability is due to improper filtering of SSH escape sequences. An attacker could exploit this...

Cisco Unified Computing System Baseboard Management Controller Arbitrary Command Execution Vulnerability

A vulnerability in the fabric interconnect FI of Cisco Unified Computing System could allow an authenticated, local attacker to execute arbitrary commands on the Baseboard Management Controller BMC with elevated privileges. The vulnerability is due to improper input validation in the MCTOOLS...

CVE-2012-4078

The Baseboard Management Controller BMC in Cisco Unified Computing System UCS does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656...

Command injection

MCTOOLS in the fabric interconnect in Cisco Unified Computing System UCS allows local users to execute arbitrary Baseboard Management Controller BMC commands by leveraging 1 local, 2 shell-level, or 3 debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239...

CVE-2012-4089

MCTOOLS in the fabric interconnect in Cisco Unified Computing System UCS allows local users to execute arbitrary Baseboard Management Controller BMC commands by leveraging 1 local, 2 shell-level, or 3 debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239...

CVE-2012-4078

The Cisco UCS Baseboard Management Controller (BMC) is affected by a vulnerability due to improper filtering of SSH escape sequences, allowing an authenticated, remote attacker to bypass part of the authentication via SSH port forwarding and access services with elevated privileges. The issue (Bu...

Intel Xeon Baseboard Management Component (BMC) Privilege Escalation (INTEL-SA-00026)

The version of the Intel BIOS on the remote device indicates that the Baseboard Management Component BMC firmware it is running is affected by an unspecified privilege escalation vulnerability. A knowledgeable remote malicious attacker could leverage this issue to deny service to legitimate users...

Stack overflow

Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface IPMI implementation on Supermicro H8DC, H8DG, H8SCM-F, H8SGL-F, H8SM, X7SP, X8DT, X8SI, X9DAX-, X9DB, X9DR, X9QR, X9SBAA-F, X9SC, X9SPU-F, and X9SR devices allow remote attackers to execute...

Low: Red Hat Security Advisory: OpenIPMI security, bug fix, and enhancement update

Updated OpenIPMI packages that fix one security issue, multiple bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which give...

Low Entropy RSA Issue in Intel EPSD Baseboard Management Controller (BMC) Firmware

Summary: There is a potential security vulnerability related to the improper generation of RSA encryption keys in EPSD Baseboard Management Controller BMC firmware. Intel is releasing updated versions of the BMC firmware to mitigate the potential vulnerability. Description: There is a potential...

Cisco ACS 1121 Default Credentials

Cisco ACS 1121 hardware appliance uses OEM IBM xSeries server platform which includes a Baseboard Management Controller. The controller acquires a DHCP address on ethernet port and has default credentials enabled "USERID" and "PASSW0RD". BCM is accessible using the IPMI protocol via free tool suc...

Intel®Xeon® 5500, 5600 Series Baseboard Management Component (BMC) Firmware Privilege Escalation

Summary: Intel is releasing a firmware update to mitigate a privilege escalation issue with Intel®Xeon® 5500, 5600 Series Baseboard Management Component BMC Firmware. Description: Under certain circumstances a privilege escalation issue is present in the Baseboard Management Component BMC firmwar...

IBM Baseboard Management Controller Default Credentials

Binary data ibmbmcdefaultlogin.nbin...

Intel Enterprise Southbridge 2 Baseboard Management Controller unauthorized access

It's possible to connect to server mothreboard control module and execute IPMI command without authentication...