Vulnerability CVE-2013-3607

Vulnerability CVE-2013-3607

Published: 2013-09-07 Modified: 2013-09-08

Description:

Multiple stack-based buffer overflows in the web interface in the Intelligent Platform Management Interface (IPMI) implementation on Supermicro H8DC, H8DG, H8SCM-F, H8SGL-F, H8SM, X7SP, X8DT, X8SI, X9DAX-, X9DB, X9DR, X9QR, X9SBAA-F, X9SC, X9SPU-F, and X9SR devices allow remote attackers to execute arbitrary code on the Baseboard Management Controller (BMC), as demonstrated by the (1) username or (2) password field in login.cgi.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
10/10	10/10	10/10

Exploit range	Attack complexity	Authentication
Remote	Low	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Supermicro -> H8sgl-f
Supermicro -> X8dtn+-f
Supermicro -> X9dax-7f
Supermicro -> X9dr7-ln4f
Supermicro -> X9drff-i+
Supermicro -> X9drl-ef
Supermicro -> X9qr7-tf-jbod
Supermicro -> X9sre-f
Supermicro -> H8dcl-6f
Supermicro -> H8sme-f
Supermicro -> X8dtn+-f-lr
Supermicro -> X9dax-7f-hft
Supermicro -> X9dr7-ln4f-jbod
Supermicro -> X9drff-ig+
Supermicro -> X9drl-if
Supermicro -> X9qri-f
Supermicro -> X9srg-f
Supermicro -> H8dcl-if
Supermicro -> H8sml-7
Supermicro -> X8dtu-6f+
Supermicro -> X9dax-7tf
Supermicro -> X9dr7-tf+
Supermicro -> X9drff-it+
Supermicro -> X9drt-f
Supermicro -> X9qri-f+
Supermicro -> X9sri-3f
Supermicro -> H8dct-hibqf
Supermicro -> H8sml-7f
Supermicro -> X8dtu-6f+-lr
Supermicro -> X9dax-if
Supermicro -> X9drd-7jln4f
Supermicro -> X9drff-itg+
Supermicro -> X9drt-h6f
Supermicro -> X9sbaa-f
Supermicro -> X9sri-f
Supermicro -> H8dct-hln4f
Supermicro -> H8sml-i
Supermicro -> X8dtu-6tf+
Supermicro -> X9dax-if-hft
Supermicro -> X9drd-7ln4f
Supermicro -> X9drfr
Supermicro -> X9drt-h6ibff
Supermicro -> X9sca-f
Supermicro -> X9srl-f
Supermicro -> H8dct-ibqf
Supermicro -> H8sml-if
Supermicro -> X8dtu-6tf+-lr
Supermicro -> X9dax-itf
Supermicro -> X9drd-7ln4f-jbod
Supermicro -> X9drg-hf
Supermicro -> X9drt-h6ibqf
Supermicro -> X9scd-f
Supermicro -> X9srw-f
Supermicro -> H8dg6-f
Supermicro -> X7spa-hf
Supermicro -> X8dtu-ln4f+
Supermicro -> X9db3-f
Supermicro -> X9drd-ef
Supermicro -> X9drg-hf+
Supermicro -> X9drt-hf+
Supermicro -> X9sce-f
Supermicro -> H8dgg-qf
Supermicro -> X7spa-hf-d525
Supermicro -> X8dtu-ln4f+-lr
Supermicro -> X9db3-tpf
Supermicro -> X9drd-if
Supermicro -> X9drg-htf
Supermicro -> X9drt-ibff
Supermicro -> X9scff-f
Supermicro -> H8dgi-f
Supermicro -> X7spe-h-d525
Supermicro -> X8si6-f
Supermicro -> X9dbi-f
Supermicro -> X9dre-ln4f
Supermicro -> X9drg-htf+
Supermicro -> X9drt-ibqf
Supermicro -> X9sci-ln4f
Supermicro -> H8dgt-hf
Supermicro -> X7spe-hf
Supermicro -> X8sia-f
Supermicro -> X9dbi-tpf
Supermicro -> X9dre-tf+
Supermicro -> X9drh-7f
Supermicro -> X9drw-3ln4f+
Supermicro -> X9scl+-f
Supermicro -> H8dgt-hibqf
Supermicro -> X7spe-hf-d525
Supermicro -> X8sie-f
Supermicro -> X9dbl-3f
Supermicro -> X9drff
Supermicro -> X9drh-7tf
Supermicro -> X9drw-3tf+
Supermicro -> X9scl-f
Supermicro -> H8dgt-hlf
Supermicro -> X7spt-df-d525
Supermicro -> X8sie-ln4f
Supermicro -> X9dbl-if
Supermicro -> X9drff-7
Supermicro -> X9drh-if
Supermicro -> X9drw-7tpf+

References:

http://www.kb.cert.org/vuls/id/648646

http://www.securityfocus.com/bid/62094

http://www.supermicro.com/products/nfo/files/IPMI/CVE_Update.pdf

http://www.thomas-krenn.com/en/wiki/Supermicro_IPMI_Security_Updates_November_2013

https://support.citrix.com/article/CTX216642

https://www.usenix.org/system/files/conference/woot13/woot13-bonkoski_0.pdf

Vulnerability CVE-2013-3607

CWE-119

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

10/10

10/10

10/10

Remote

Low

No required

Complete

Complete

Complete

Affected software

References: