Original URL: http://www.theregister.co.uk/2013/11/07/ipmi_in_supermicro_servers_vulnerable_says_moore/

IPMI in Supermicro servers vulnerable says HD Moore

Metasploit founder flays firmware, finds flaws

By Richard Chirgwin

Posted in Security, 7th November 2013 05:03 GMT

Metasploit's HD Moore is gnawing at the security of the The Intelligent Platform Management Interface (IPMI) again, this time zeroing in on the firmware implementation from vendor Supermicro.

Moore had looked at IPMI in general in July, at which time he pointed to vulnerabilities in Supermicro's uPNP implementation.

His latest work at Rapid7, here, takes a closer look at the baseboard management controller (BMC) on motherboards using the SMT_X9_226 firmware.

His findings are that the firmware includes a small host of vulnerabilities: static credentials, buffer overflows, and directory traversals. Taking them in order:

As stated back in July, Moore says, there are 35,000-plus Supermicro IPMI interfaces visible to the Internet (El Reg supposes his source is the ever-reliable Shodan search engine). ®