Impact
It's been found that multiple functions in ipmitool 1.8.18 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user.
All users of ipmitool are potentially affected.
Patches
Version 1.8.19 will have this problem fixed. The problem is fixed on the master branch of ipmitool project since commit 7ccea28.
Workarounds
There are no workarounds to completely remediate the vulnerability, but possibility of it being exploited can be significantly lowered by:
- Not running
ipmitool as a privileged user
- Not running
ipmitool over demilitarized network or against untrusted IPMI-enabled devices.
References
None
For more information
If you have any questions or comments about this advisory, open an issue in ipmitool issue tracker.
Acknowledgements
- Christopher Ertl of MSRC Vulnerabilities & Mitigations
Impact
It's been found that multiple functions in ipmitool 1.8.18 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user.
All users of ipmitool are potentially affected.
Patches
Version 1.8.19 will have this problem fixed. The problem is fixed on the master branch of
ipmitoolproject since commit 7ccea28.Workarounds
There are no workarounds to completely remediate the vulnerability, but possibility of it being exploited can be significantly lowered by:
ipmitoolas a privileged useripmitoolover demilitarized network or against untrusted IPMI-enabled devices.References
None
For more information
If you have any questions or comments about this advisory, open an issue in ipmitool issue tracker.
Acknowledgements