IPMI v2.0 Password Hash Disclosure
The remote host supports IPMI v2.0. The Intelligent Platform
Management Interface (IPMI) protocol is affected by an information
disclosure vulnerability due to the support of RMCP+ Authenticated
Key-Exchange Protocol (RAKP) authentication. A remote attacker can
obtain password hash information for valid user accounts via the HMAC
from a RAKP message 2 response from a BMC.
Javasolt megoldás
There is no patch for this vulnerability; it is an inherent problem
with the specification for IPMI v2.0. Suggested mitigations include :
- Disabling IPMI over LAN if it is not needed.
- Using strong passwords to limit the successfulness of
off-line dictionary attacks.
- Using Access Control Lists (ACLs) or isolated networks
to limit access to your IPMI management interfaces.