IBM BladeCenter Management Module Denial of Service vulnerability

Summary

The BladeCenter management module can be rebooted remotely.

Credit:

The information has been provided by Alexey Sintsov.
The original article can be found at: http://dsecrg.com/pages/vul/show.php?id=149


Details

Vulnerable Systems:
 * IBM BladeCenter Management Module versions prior to BPET50G

Immune Systems:
 * IBM BladeCenter Management Module version BPET50G

An attacker can reset the management module by sending about five or ten malformed packets to its remote presence port (3900/tcp). All legitimate users of the management module and the management network will be disconnected.
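A monitoring check for the exposure described above, as an added example that is not part of the original advisory: it reviews flow records for traffic to 3900/tcp that comes from outside the administration subnet or arrives in a short burst. The record layout, the `MGMT_NET` subnet, the 60-second window and the use of one flow record as a stand-in for one packet are assumptions; only the port and the "about five" threshold come from the advisory.

```python
import ipaddress
from collections import defaultdict

REMOTE_PRESENCE_PORT = 3900   # port named in the advisory
BURST_THRESHOLD = 5           # advisory: "about five or ten" packets
WINDOW_SECONDS = 60           # assumed review window
MGMT_NET = ipaddress.ip_network("10.10.0.0/24")  # assumed admin subnet

# Constructed sample records: epoch_seconds src_ip dst_ip dst_port proto
SAMPLE_FLOWS = """\
1000 10.10.0.15 10.10.0.200 3900 tcp
1002 192.0.2.44 10.10.0.200 3900 tcp
1003 192.0.2.44 10.10.0.200 3900 tcp
1004 192.0.2.44 10.10.0.200 3900 tcp
1005 192.0.2.44 10.10.0.200 3900 tcp
1006 192.0.2.44 10.10.0.200 3900 tcp
1010 198.51.100.7 10.10.0.200 443 tcp
1500 198.51.100.7 10.10.0.200 3900 tcp
"""

def parse_flows(text):
    """Yield (ts, src, dst, port, proto) from well-formed lines; skip the rest."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue
        ts, src, dst, port, proto = fields
        yield int(ts), ipaddress.ip_address(src), dst, int(port), proto

def review(text):
    """Map (src, module) to flags for sources that warrant a look."""
    hits = defaultdict(list)
    for ts, src, dst, port, proto in parse_flows(text):
        if port == REMOTE_PRESENCE_PORT and proto == "tcp":
            hits[(src, dst)].append(ts)
    findings = {}
    for (src, dst), stamps in hits.items():
        stamps.sort()
        # Sliding window: BURST_THRESHOLD hits inside WINDOW_SECONDS.
        burst = any(
            stamps[i + BURST_THRESHOLD - 1] - stamps[i] <= WINDOW_SECONDS
            for i in range(len(stamps) - BURST_THRESHOLD + 1)
        )
        outside = src not in MGMT_NET
        if burst or outside:
            findings[(str(src), dst)] = {"outside_mgmt": outside, "burst": burst}
    return findings

if __name__ == "__main__":
    for key, flags in review(SAMPLE_FLOWS).items():
        print(key, flags)
```

Any `outside_mgmt` finding indicates that the remote presence port is reachable from beyond the management network, which is worth closing at the network layer regardless of firmware level.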

Disclosure Timeline:
2009-07-24 – Vulnerability reported to vendor
2009-07-26 – Vendor Response
2010-04-15 – Public release of advisory