CERTA-2004-AVI-177
Vulnerability from certfr_avis

Au moyen d'un paquet habilement constitué, un utilisateur distant mal intentionné peut arrêter iLO.

Description

Integrated Lights-Out (iLO) est une solution matérielle et logicielle permettant la supervision à distance des serveurs Proliant.

Selon HP, l'envoi d'un paquet à destination du port zero provoque un déni de service par arrêt d'iLO.

Solution

Se référer au bulletin de sécurité du constructeur pour l'obtention du correctif (cf. section Documentation).

Firmwares antérieurs à la version 1.55.

Impacted products
Vendor Product Description
References

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eFirmwares ant\u00e9rieurs \u00e0 la version 1.55.\u003c/p\u003e",
  "content": "## Description\n\nIntegrated Lights-Out (iLO) est une solution mat\u00e9rielle et logicielle\npermettant la supervision \u00e0 distance des serveurs Proliant.\n\nSelon HP, l\u0027envoi d\u0027un paquet \u00e0 destination du port zero provoque un\nd\u00e9ni de service par arr\u00eat d\u0027iLO.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 du constructeur pour l\u0027obtention du\ncorrectif (cf. section Documentation).\n",
  "cves": [],
  "initial_release_date": "2004-05-27T00:00:00",
  "last_revision_date": "2004-05-27T00:00:00",
  "links": [
    {
      "title": "Integrated Lights-Out Standard :",
      "url": "http://h18013.www1.hp.com/products/servers/management/ilo"
    }
  ],
  "reference": "CERTA-2004-AVI-177",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2004-05-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": "Au moyen d\u0027un paquet habilement constitu\u00e9, un utilisateur distant mal\nintentionn\u00e9 peut arr\u00eater iLO.\n",
  "title": "Vuln\u00e9rabilit\u00e9 d\u0027iLO pour les serveurs ProLiant",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 HPSBMA01046 de HP",
      "url": "http://itrc.hp.com"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.