Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Submission + - Supermicro fails at IPMI, leaks admin passwords (

drinkypoo writes: Zachary Wikholm of Security Incident Response Team (CARISIRT) has publicly announced a serious failure in IPMI BMC (management controller) security on at least 31,964 public-facing systems with motherboards made by SuperMicro: "Supermicro had created the password file PSBlock in plain text and left it open to the world on port 49152." These BMCs are running Linux 2.6.17 on a Nuvoton WPCM450 chip. An exploit will be rolled into metasploit shortly. There is already a patch available for the affected hardware.
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Supermicro fails at IPMI, leaks admin passwords

Comments Filter:

Many people are unenthusiastic about their work.