CVE-2004-2600

Severity

50%

Complexity

99%

Confidentiality

48%

The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled.

The firmware for Intelligent Platform Management Interface (IPMI) 1.5-based Intel Server Boards and Platforms is shipped with an Authentication Type Enables parameter set to an invalid None parameter, which allows remote attackers to obtain sensitive information when LAN management functionality is enabled.

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N).

Overview

First reported 20 years ago

2004-12-31 05:00:00

Last updated 7 years ago

2017-07-11 01:32:00

Affected Software

Intel CLI Auto-configuration Utility

Intel Client System Setup Utility

Intel Server Configuration Wizard

Intel Server Control

Intel System Setup Utility

Intel Carrier Grade Server TIGPR2U

Intel Carrier Grade Server TSRLT2

Intel Carrier Grade Server TSRMT2

HP Carrier Grade Server cc2300 A6898A

a6898a

HP Carrier Grade Server cc2300 A6899A

a6899a

HP Carrier Grade Server cc3300 A6900A

a6900a

HP Carrier Grade Server cc3300 A6901A

a6901a

HP Carrier Grade Server cc3310 A9862A

a9862a

HP Carrier Grade Server cc3310 A9863A

a9863a

Intel Entry Server Board SE7210TP1_E

Intel Entry Server Platform SR1325TP1_E

Intel Server Board SCB2

Intel Server Board SDS2

Intel Server Board SE7500WV2

Intel Server Board SE7501HG2

Intel Server Board SHG2

Intel Server Platform SPSH4

Intel Server Platform SR870BH2

Intel Server Platform SR870BN4

Intel Server Platform SRSH4

References

ftp://download.intel.com/support/motherboards/server/sb/aa6791invalidlanconfiguration040504.pdf

Vendor Advisory

11315

Patch, Vendor Advisory

http://support.intel.com/support/motherboards/server/sb/CS-010422.htm

4978

10068

intel-ssu-gain-access(15775)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.