‘IBM BladeCenter Management Module Denial of Service vulnerability’
Summary
‘
Credit:
‘The information has been provided by Alexey Sintsov.
The original article can be found at: http://dsecrg.com/pages/vul/show.php?id=149‘
Details
‘Vulnerable Systems:
* IBM BladeCenter Managmet Module versions prior to BPET50G
Immune Systems:
* IBM BladeCenter Managmet Module version BPET50G
An attacker can reset the management module by sending about five or ten malformed packets on its remote presence port (3900/tcp). All legal users, who use the management module and management network will be disconnected.
Disclosure Timeline:
2009-07-24 – Vulnerability reported to vendor
2009-07-26 – Vendor Response
2010-04-15 – Public release of advisory’