Re: CARISIRT: Yet Another BMC Vulnerability

[Coy Hile <coy.hile () coyhile com>]

On Jun 19, 2014, at 7:41 PM, Markus <universe () truemetal org> wrote:

> http://blog.cari.net/carisirt-yet-another-bmc-vulnerability-and-some-added-extras/
>
> = simple telnet commands displays passwords of BMCs. Damn Supermicro, please hire some new programmers! :(

And here I was hoping it would be something useful like a vulnerability that would put BMC (the company) out of 
business!  Don’t get my hopes up like that!

More reason that one shouldn’t make his OOB net generally accessible.

Attachment: smime.p7s
Description: