413 matches found
CVE-2012-4096
The CVE-2012-4096 issue affects Cisco UCS BMC local file editor. Affected product: Cisco Unified Computing System BMC. Description in Cisco advisory and Red Hat/NVD entries confirms that an authenticated, local attacker can modify arbitrary files on the fabric interconnect by abusing the local fi...
Cisco Unified Computing System Baseboard Management Controller Privilege Escalation Vulnerability
A vulnerability in the Baseboard Management Controller BMC of Cisco Unified Computing System could allow an authenticated, remote attacker to access services with elevated privileges. The vulnerability is due to improper filtering of SSH escape sequences. An attacker could exploit this...
Cisco Unified Computing System Baseboard Management Controller Arbitrary Command Execution Vulnerability
A vulnerability in the fabric interconnect FI of Cisco Unified Computing System could allow an authenticated, local attacker to execute arbitrary commands on the Baseboard Management Controller BMC with elevated privileges. The vulnerability is due to improper input validation in the MCTOOLS...
CVE-2012-4078
The Baseboard Management Controller BMC in Cisco Unified Computing System UCS does not properly handle SSH escape sequences, which allows remote authenticated users to bypass an unspecified authentication step via SSH port forwarding, aka Bug ID CSCtg17656...
Command injection
MCTOOLS in the fabric interconnect in Cisco Unified Computing System UCS allows local users to execute arbitrary Baseboard Management Controller BMC commands by leveraging 1 local, 2 shell-level, or 3 debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239...
CVE-2012-4078
The Cisco UCS Baseboard Management Controller (BMC) is affected by a vulnerability due to improper filtering of SSH escape sequences, allowing an authenticated, remote attacker to bypass part of the authentication via SSH port forwarding and access services with elevated privileges. The issue (Bu...
CVE-2012-4089
MCTOOLS in the fabric interconnect in Cisco Unified Computing System UCS allows local users to execute arbitrary Baseboard Management Controller BMC commands by leveraging 1 local, 2 shell-level, or 3 debug-level privileges at the operating-system layer, aka Bug ID CSCtg76239...
Stack overflow
Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface IPMI implementation on Supermicro H8DC, H8DG, H8SCM-F, H8SGL-F, H8SM, X7SP, X8DT, X8SI, X9DAX-, X9DB, X9DR, X9QR, X9SBAA-F, X9SC, X9SPU-F, and X9SR devices allow remote attackers to execute...
Low: Red Hat Security Advisory: OpenIPMI security, bug fix, and enhancement update
Updated OpenIPMI packages that fix one security issue, multiple bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which give...
Low Entropy RSA Issue in Intel EPSD Baseboard Management Controller (BMC) Firmware
Summary: There is a potential security vulnerability related to the improper generation of RSA encryption keys in EPSD Baseboard Management Controller BMC firmware. Intel is releasing updated versions of the BMC firmware to mitigate the potential vulnerability. Description: There is a potential...
Cisco ACS 1121 Default Credentials
Cisco ACS 1121 hardware appliance uses OEM IBM xSeries server platform which includes a Baseboard Management Controller. The controller acquires a DHCP address on ethernet port and has default credentials enabled "USERID" and "PASSW0RD". BCM is accessible using the IPMI protocol via free tool suc...
IBM Baseboard Management Controller Default Credentials
Binary data ibmbmcdefaultlogin.nbin...
Intel Enterprise Southbridge 2 Baseboard Management Controller unauthorized access
It's possible to connect to server mothreboard control module and execute IPMI command without authentication...