A widely deployed protocol and controller used in servers and workstations both contain serious vulnerabilities that, in effect, give attackers near-physical access to the machines, a pair of renowned researchers said recently.
HD Moore, chief research officer at Rapid7 and creator of Metasploit, and security researcher Dan Farmer announced findings of their research on major flaws in the Intelligent Platform Management Interface (IPMI) protocol and the Baseboard Management Controllers (BMC) packaged with most servers for remote management purposes.
As part of his ongoing Internet scanning research, Moore found more than 100,000 servers and workstations online that are vulnerable to one or more of six flaws in IPMI and BMC — some of which were bugs Farmer revealed earlier this year — which Moore says is just the tip of the iceberg of potential servers in danger on the Net. The bugs could allow an attacker to compromise BMCs in the affected servers and siphon data from attached storage devices, make changes to the operating system, install a permanent backdoor, sniff credentials sent through the server, launch a denial-of-service attack, or wipe the hard drives.