Vulnerability for Intel Mboards

[thomas.mandl () EUNET AT (Thomas Mandl)]

Hi,

i've encountered the following 'security hole':

New Intel Motherboards (we've found this on motherboards using the 810
chipset) allow 'remote control' of all OS parameters (we tried this with
WinNT4.0 SP5/6).
When installing add-on programs from the support cd-rom a web server
gets installed (i was not aware of this fact), which allows a system
administrator to remotely control/monitor various OS and motherboard
parameters.
E.g. you can monitor the Fan temp, fan rpm, number of installed DIMMs
... or for WinNT4.0 you have access to several OS parameters as (free
disk space for drive C: D:, ...), which service pack is used, how the
machine was configured, etc...

The web server listens on port 6787, and the default account is
'Administrator' with a password of 'changeme' it will work only with IE4
or later!

After setup of this machine was finished i was not even aware that there
is a web server running on this NT4.0 Workstation (as usual we admin's
do not have enough time to RTFM :-). Only after scanning the host with
nmap/nessus i found the open port and started to investigate.

I just want to _warn_ anyone out there to be careful! This could easily
become a potential security hole if used by the wrong guys

best regards
Thomas

--
Thomas Mandl
e-mail: Thomas.Mandl () EUnet at
NIC-HDL: TM4373
PGP: PGP 6.5.1 available on request (send e-mail with subject:
REQUEST PGP)

-----BEGIN GEEK CODE BLOCK-----
Version 3.1
GE/CC/CS/CM d-(+) s+++:++ a C++++$ US++++$ UL++++$ P++++ L+++ E++>+++
W++>+++ N++ w--- !O !M V-- PE PGP-(++) t++>+++ 5++ X++ R* tv  b+ DI++
D++ G++ e++ h* r++
------END GEEK CODE BLOCK------

ObJoke:Screw the Prime Directive, give the Borg MS-DOS 1.0!
ObJoke:UNIX is user friendly. It's just selective about who its friends
are.