[Info-vax] HPE iLO CVE-2017-12542 proof-of-concept
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Thu Feb 8 14:56:57 EST 2018
And on the subject of iLO vulnerabilities, here's an iLO4
proof-of-concept and exploit for CVE-2017-12542... "A potential
security vulnerability has been identified in HPE Integrated Lights-out
(iLO 4). The vulnerability could be exploited remotely to allow
authentication bypass and execution of code." The original details
were published last year...
https://github.com/skelsec/CVE-2017-12542
https://github.com/airbus-seclab/ilo4_toolbox/
Here's the HPE posting on this problem, effecting HP Integrated
Lights-Out 4 (iLO 4), Prior to 2.53...
https://support.hpe.com/hpsc/doc/public/display?docId=hpesbhf03769en_us
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list