安全研究

安全漏洞
HP Integrated Lights Out远程拒绝服务漏洞

发布日期:2004-05-26
更新日期:2004-05-31

受影响系统:
HP Integrated Lights Out 1.6 A
HP Integrated Lights Out 1.51 A
HP Integrated Lights Out 1.50 A
HP Integrated Lights Out 1.50
HP Integrated Lights Out 1.42 A
HP Integrated Lights Out 1.41 A
HP Integrated Lights Out 1.40 A
HP Integrated Lights Out 1.27 A
HP Integrated Lights Out 1.26 A
HP Integrated Lights Out 1.20 A
HP Integrated Lights Out 1.16 A
HP Integrated Lights Out 1.15 A
HP Integrated Lights Out 1.15
HP Integrated Lights Out 1.10
不受影响系统:
HP Integrated Lights Out 1.55
描述:
BUGTRAQ  ID: 10415
CVE(CAN) ID: CVE-2004-0525

Integrated Lights-Out高级软件包-可通过图形操控台和虚拟介质将Integrated Lights-Out
处理器升级到完全虚拟存和控制。

HP Integrated Lights-Out在处理TCP端口为0的通信时存在问题,远程攻击者可以利用这个漏对iLO服务进行拒绝服务攻击。

LAN管理产品当访问Integrated Lights-Out (iLO)时如果使用TCP端口为0,可使服务停止响应,造成拒绝服务攻击。

<*来源:HP Security Bulletin (security-alert@hp.com
  
  链接:*>

建议:
厂商补丁:

HP
--
HP已经为此发布了一个安全公告(SSRT4724)以及相应补丁:
SSRT4724:SSRT4724 - HP integrated Lights Out (iLO) Denial of Service (DoS) using port zero

补丁下载:

HP Integrated Lights Out 1.6 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.10:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.15 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.15:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.16 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.20 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.26 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.27 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.40 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.41 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.42 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.50 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.50:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

HP Integrated Lights Out 1.51 A:

HP Upgrade iLO Firmware 1.55
http://h18004.www1.hp.com/support/files/lights-out/us/index.html

浏览次数:3049
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障