Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (Generic)  >   HPE integrated Lights Out (iLO) Vendors:   HPE
HP Integrated Lights Out May Let Remote Users Access the System When Powered Down
SecurityTracker Alert ID:  1014658
SecurityTracker URL:
CVE Reference:   CVE-2005-2552   (Links to External Site)
Updated:  Jun 8 2008
Original Entry Date:  Aug 11 2005
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): HP ProLiant DL585 ILO firmware prior to version 1.82
Description:   A vulnerability was reported in HP Integrated Lights Out on HP's ProLiant DL585 Server. A remote user can gain access to the system.

A remote user may be able to gain access to the server controls when the target server is powered down.

Only some ProLiant DL585 servers are affected. No other models are affected.

The vendor discovered this vulnerability.

No further details were provided.

Impact:   A remote user can gain access to the target system when it is powered down.
Solution:   The vendor has issued a fixed version (1.82).

Online ROM Flash Component for Windows - HP Integrated Lights-Out:

Online ROM Flash Component for Linux - HP Integrated Lights-Out:

Offline ROM Flash for SmartStart Maintenance: ROM Update Utility - Integrated Lights-Out:

As a workaround, you can unplug the power cord whenever the server is powered down.

Vendor URL: (Links to External Site)
Cause:   Not specified

Message History:   None.

 Source Message Contents

[Original Message Not Available for Viewing]

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, LLC