I don't want to pull away credit or page views from Dan Farmer's great work, but this needs more exposure...
For those of you who manage servers with IPMI over LAN enabled,
there is a very severe vulnerability that may allow anyone full root
access to your iLO/iDRAC/IMM/ILOM/whatever (aka BMC). This is
independent of the OS, though once rooted the attacker can then take
over the OS in the same way they would if they had physical
access. They can control power, boot settings, serial over LAN,
BIOS settings (via serial), KVM, and can even read/write arbitrary
system memory.
For those of you who do not have IPMI over LAN enabled, there may be some stuff that affects you too...