Submitted via IRC for BoyceMagooglyMonkey
Details and public exploit code have been published online for a severe vulnerability affecting Hewlett Packard Integrated Lights-Out 4 (HP iLO 4) servers.
HP iLO devices are extremely popular among small and large enterprises alike. iLO cards can be embedded in regular computers. They have a separate Ethernet network connection and run a proprietary embedded server management technology that provides out-of-band management features, allowing sysadmins to manage computers from afar.
iLO cards allow sysadmins to install firmware remotely, reset servers, provide access to a remote console, read logs, and more.
Source: You Can Bypass Authentication on HPE iLO4 Servers With 29 "A" Characters
This discussion has been archived.
No new comments can be posted.
You Can Bypass Authentication on HPE ILO4 Servers With 29 "A" Characters
|
Log In/Create an Account
| Top
| 17 comments
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
(1)
(Score: 2) by edIII on Saturday July 07 2018, @05:08AM (1 child)
BWAHAHAHAHAHAHAHAHAAAHAHAHHAHA!
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by All Your Lawn Are Belong To Us on Monday July 09 2018, @08:22PM
No, you meant
BWAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HAAAAAAAAAAAAAAAAAAAAAAAAAAAAA!
This sig for rent.
(Score: 3, Funny) by The Mighty Buzzard on Saturday July 07 2018, @05:19AM
I knew I shouldn't have quit trying at 28!
My rights don't end where your fear begins.
(Score: 5, Interesting) by maxwell demon on Saturday July 07 2018, @07:12AM
The summary would have been orders of magnitude better, had the following paragraph from the article been quoted as well:
After all, that is the most important question about an exploit: What can the attacker do with it?
The Tao of math: The numbers you can count are not the real numbers.
(Score: 1, Interesting) by Anonymous Coward on Saturday July 07 2018, @07:50AM (6 children)
I really can't understand all those "remote administration" integrated in hardware, or BIOS, or firmware.
Who uses such thing? I'm sure that it is only used in large network architectures and deep pockets customers. In fact, I think that most admins for small and medium business (let it be part staff of a tech support company, or part the staff of the business) don't know how to use such remote tools.
The first time I heard about this I thought "Don't they charge any extra for this feature that no low end customer has demanded? mmmm"
(Score: 0) by Anonymous Coward on Saturday July 07 2018, @08:25AM (2 children)
They do, or at least did previously.
(Score: 0) by Anonymous Coward on Saturday July 07 2018, @08:46AM (1 child)
You can't customize a server with/without "remote admin" like "An extra 8GB ram 200$". It's all or nothing, take it or leave it. Other way I would have never bought it , not because of paranoid reasons, but because of financial reasons.
(Score: 0) by Anonymous Coward on Sunday July 08 2018, @04:49AM
Wasn't it licensed though? You got an activation code / license number needed to turn the feature on? And in the case of the removable card version very much an optional add-on.
(Score: 4, Insightful) by jmorris on Saturday July 07 2018, @04:00PM (1 child)
If you have ever wanted to administer a machine you weren't sitting in front of you wanted this feature. Of course what you probably want is IPMI instead of a closed up HP work-alike or the awful new Intel shit show. Linux is great, once it is running you can do almost everything remotely but getting to that state is often the problem at hand and for that you need to have remote access to the display, keyboard, etc. even in BIOS and the early stages of the boot loader.
It is even handy if you are sitting right beside the rack because IPMI beats a KVM switch any day. Especially if there is more than one person that might need access.
But these things are all embedded computers and suffer the same problem afflicting IoT products. Morons develop the code running in them in secret and the manufacturer won't bother updating it unless they get shamed into it. And once the product it is embedded into is EOL you are simply screwed.
(Score: 0) by Anonymous Coward on Thursday July 12 2018, @06:40PM
I was looking into the Dell R710/810(?) models remote access a year or so back and found out they used a crappy proprietary frontend, but under the hood it was busybox+linux running on a tiny arm modules with 256 megs of RAM. I didn't have a chance to get too far with my research before the system was out my door, but there were discussions about jailbreaking them online. I wondered what the chances were of doing the same with later models that likely require vendor signed firmware to replace, rather than simply blackbox hardware that may require reverse engineering or threats of GPL violation to get booting on.
(Score: 0) by Anonymous Coward on Monday July 09 2018, @03:01PM
>vulnerability or backdoor?
Only a fool would not disguise a backdoor as a vulnerability to cover own ass, PR-wise.
(Score: 0) by Anonymous Coward on Saturday July 07 2018, @08:15AM (1 child)
But this vulnerability was reported in Feb 2017, and patched in Aug 2017.
Yes, this is another example of vendors' casual attitude toward security. But this was closed 11 months ago.
(Score: 2) by HiThere on Saturday July 07 2018, @05:29PM
It's a bit of a slow report, but it may well be important to anyone considering buying from HP.
Of course, so many different manufacturers have vital feature designed with bugs, that the options for avoiding them are limited. Got any suggestions?
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 5, Touché) by FatPhil on Saturday July 07 2018, @09:39AM (3 children)
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
(Score: 2) by DannyB on Monday July 09 2018, @02:09PM (2 children)
If Management is good, then Remote Management must be even gooder.
If you eat an entire cake without cutting it, you technically only had one piece.
(Score: 0) by Anonymous Coward on Monday July 09 2018, @03:04PM (1 child)
OTOH, as one can figure when one has managers nearby, "managers in a remote place" is not a totally negative picture.
(Score: 2) by DannyB on Monday July 09 2018, @07:08PM
I think being not totally negative is a form of being gooder as I suggested. :-)
If you eat an entire cake without cutting it, you technically only had one piece.