CVE-2007-0661

Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), Intel Server Boards 5000XAL, S5000PAL, S5000PSL, S5000XVN, S5000VCL, S5000VSA, SC5400RA, and OEM Firmware for Intel Enterprise Southbridge Baseboard Management Controller before 20070119, when Intelligent Platform Management Interface (IPMI) is enabled, allow remote attackers to connect and issue arbitrary IPMI commands, possibly triggering a denial of service.

CVSS v2.0 5.4 MEDIUM

5.4^/10

CVSS v2.0 : MEDIUM

Vector : AV:A/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 5.5 / Impact : 6.4

Access Vector ADJACENT_NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lz1.intel.com/psirt/advisory.aspx?intelid=INTEL-SA-00012&languageid=en-fr	Patch Vendor Advisory
http://secunia.com/advisories/23989	Vendor Advisory
http://www.securityfocus.com/bid/22341
http://osvdb.org/33044
http://www.vupen.com/english/advisories/2007/0432

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:intel:server_board_s5000vsa::::::::
	cpe:2.3:h:intel:server_board_s5000xal::::::::
	cpe:2.3:h:intel:enterprise_southbridge_2_bmc::::::::
	cpe:2.3:h:intel:server_board_s5000xvn::::::::
	cpe:2.3:h:intel:server_board_sc5400ra::::::::
	cpe:2.3:h:intel:enterprise_southbridge_bmc:::oem:::::*
	cpe:2.3:h:intel:server_board_s5000pal::::::::
	cpe:2.3:h:intel:server_board_s5000psl::::::::
	cpe:2.3:h:intel:server_board_s5000vcl::::::::

Information

Published : 2007-02-01 14:28

Updated : 2011-03-07 18:50

NVD link : CVE-2007-0661

Mitre link : CVE-2007-0661

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

intel

server_board_s5000pal
server_board_s5000psl
enterprise_southbridge_2_bmc
enterprise_southbridge_bmc
server_board_sc5400ra
server_board_s5000vcl
server_board_s5000vsa
server_board_s5000xvn
server_board_s5000xal

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://lz1.intel.com/psirt/advisory.aspx?intelid=INTEL-SA-00012&languageid=en-fr", "name": "http://lz1.intel.com/psirt/advisory.aspx?intelid=INTEL-SA-00012&languageid=en-fr", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/23989", "name": "23989", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securityfocus.com/bid/22341", "name": "22341", "tags": [], "refsource": "BID"}, {"url": "http://osvdb.org/33044", "name": "33044", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2007/0432", "name": "ADV-2007-0432", "tags": [], "refsource": "VUPEN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Intel Enterprise Southbridge 2 Baseboard Management Controller (BMC), Intel Server Boards 5000XAL, S5000PAL, S5000PSL, S5000XVN, S5000VCL, S5000VSA, SC5400RA, and OEM Firmware for Intel Enterprise Southbridge Baseboard Management Controller before 20070119, when Intelligent Platform Management Interface (IPMI) is enabled, allow remote attackers to connect and issue arbitrary IPMI commands, possibly triggering a denial of service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2007-0661", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.4, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 5.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2007-02-01T22:28Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:intel:server_board_s5000vsa:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:intel:server_board_s5000xal:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:intel:enterprise_southbridge_2_bmc:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:intel:server_board_s5000xvn:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:intel:server_board_sc5400ra:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:intel:enterprise_southbridge_bmc:*:*:oem:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:intel:server_board_s5000pal:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:intel:server_board_s5000psl:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:intel:server_board_s5000vcl:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2011-03-08T02:50Z"}