发布时间 :2004-12-31 00:00:00
修订时间 :2008-09-05 16:44:35

[原文]The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled.

[CNNVD]Intel LAN管理服务器配置漏洞(CNNVD-200412-549)

        用于基于Intel Server Boards和Platforms智能平台接口(IPMI)1.5版本的固件与设置有效空参数的授权类型有效参数有关。远程攻击者启用LAN管理功能时可以利用该漏洞获得敏感信息。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: PARTIAL [很可能造成信息泄露]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: NONE [对系统可用性无影响]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)

cpe:/a:intel:cli_auto-configuration_utilityIntel CLI Auto-configuration Utility
cpe:/h:intel:server_platform_srsh4Intel Server Platform SRSH4
cpe:/h:intel:carrier_grade_server_tigpr2uIntel Carrier Grade Server TIGPR2U
cpe:/h:intel:server_board_se7500wv2Intel Server Board SE7500WV2
cpe:/h:hp:carrier_grade_server_cc2300:a6899aHP Carrier Grade Server cc2300 A6899A
cpe:/h:intel:server_platform_sr870bn4Intel Server Platform SR870BN4
cpe:/h:intel:server_platform_spsh4Intel Server Platform SPSH4
cpe:/h:intel:server_platform_sr870bh2Intel Server Platform SR870BH2
cpe:/h:hp:carrier_grade_server_cc3310:a9863aHP Carrier Grade Server cc3310 A9863A
cpe:/a:intel:client_system_setup_utilityIntel Client System Setup Utility
cpe:/h:intel:carrier_grade_server_tsrlt2Intel Carrier Grade Server TSRLT2
cpe:/h:hp:carrier_grade_server_cc3310:a9862aHP Carrier Grade Server cc3310 A9862A
cpe:/h:intel:server_board_se7501hg2Intel Server Board SE7501HG2
cpe:/h:hp:carrier_grade_server_cc3300:a6900aHP Carrier Grade Server cc3300 A6900A
cpe:/a:intel:server_configuration_wizardIntel Server Configuration Wizard
cpe:/h:intel:server_board_sds2Intel Server Board SDS2
cpe:/h:intel:entry_server_platform_sr1325tp1-eIntel Entry Server Platform SR1325TP1_E
cpe:/h:hp:carrier_grade_server_cc3300:a6901aHP Carrier Grade Server cc3300 A6901A
cpe:/h:intel:server_board_shg2Intel Server Board SHG2
cpe:/a:intel:system_setup_utilityIntel System Setup Utility
cpe:/h:intel:entry_server_board_se7210tp1-eIntel Entry Server Board SE7210TP1_E
cpe:/h:intel:server_board_scb2Intel Server Board SCB2
cpe:/h:hp:carrier_grade_server_cc2300:a6898aHP Carrier Grade Server cc2300 A6898A
cpe:/a:intel:server_controlIntel Server Control
cpe:/h:intel:carrier_grade_server_tsrmt2Intel Carrier Grade Server TSRMT2

- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  XF  intel-ssu-gain-access(15775)
(UNKNOWN)  BID  10068

- 漏洞信息

Intel LAN管理服务器配置漏洞
中危 设计错误
2004-12-31 00:00:00 2006-01-23 00:00:00
        用于基于Intel Server Boards和Platforms智能平台接口(IPMI)1.5版本的固件与设置有效空参数的授权类型有效参数有关。远程攻击者启用LAN管理功能时可以利用该漏洞获得敏感信息。

- 公告与补丁

        Intel has released an action alert AA-679-1 and a fix dealing with this issue.
        The HP advisory HPSBGN01009 is also available.
        Intel System Setup Utility
        Intel Server Platform SRSH4
        Intel Client System Setup Utility
        HP Carrier Grade Server cc3310 A9862A
        Intel Server Platform SPSH4
        Intel Server Board SE7501HG2
        Intel Server Configuration Wizard
        HP Carrier Grade Server cc3310 A9863A
        Intel Entry Server Platform SR1325TP1-E
        HP Carrier Grade Server cc2300 A6899A
        Intel Carrier Grade Server TIGPR2U
        Intel Server Board SDS2
        Intel Entry Server Board SE7210TP1-E
        Intel Carrier Grade Server TSRLT2
        Intel Server Board SE7500WV2
        HP Carrier Grade Server cc2300 A6898A
        Intel Server Control
        Intel Server Platform SR870BH2
        Intel Server Platform SR870BN4
        Intel Server Board SCB2
        HP Carrier Grade Server cc3300 A6901A
        HP Carrier Grade Server cc3300 A6900A
        Intel Server Board SHG2
        Intel Carrier Grade Server TSRMT2
        Intel CLI Auto-configuration Utility

- 漏洞信息

Intel Server Control and Server Management Invalid Firmware Setting
Remote / Network Access Misconfiguration
Loss of Confidentiality, Loss of Integrity
Exploit Unknown

- 漏洞描述

Intel Server Control and Server Management utilities contain a flaw that may allow a malicious user to gain unauthorized administrative access. The issue is due to the configuration utilities setting the "Authentication Type Enables" parameter to "None" in Byte 3 and Byte 4, which is an invalid option.

- 时间线

2004-04-07 Unknow
Unknow Unknow

- 解决方案

Intel has released an updated version (1.05) of the Command Line Interface (CLI) to address this issue. Intel is investigating the possibility of providing updated versions of the SSU, SMU, and SCW utilities to correct this configuration issue. As a workaround, customers can download the "BMC LAN Fix Utility" to reconfigure the incorrect settings.

- 相关参考

- 漏洞作者

Unknown or Incomplete