ID
VAR-E-201308-0403
CVE
| cve_id: | CVE-2013-3607 | Trust: 0.3 |
sources:
BID: 62094
TITLE
Supermicro IPMI Web Interface Multiple Stack-Based Buffer Overflow Vulnerabilities
Trust: 0.3
sources:
BID: 62094
DESCRIPTION
Supermicro IPMI is prone to multiple stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data.
An attacker can exploit these issues to execute arbitrary code in the context of the device that uses the affected interface. Failed exploit attempts will likely crash the device.
Trust: 0.3
sources:
BID: 62094
AFFECTED PRODUCTS
| vendor: | super | model: | micro computer supermicro x9srl-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9sri-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9sri-3f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9srg-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9sre-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9sre-3f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9srd-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9spu-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9scm-iif | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9scm-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9scl-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9scl+-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9sci-ln4f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9scff-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9sce-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9scd-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9sca-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9sbaa-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9qri-f+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9qri-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9qr7-tf-jbod | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9qr7-tf+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9qr7-tf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drx+-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drw-itpf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drw-7tpf+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drw-3tf+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drw-3ln4f+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drt-ibqf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drt-ibff | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drt-hf+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drt-h6ibqf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drt-h6ibff | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drt-h6f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drt-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drl-if | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drl-ef | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drl-3f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dri-ln4f+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dri-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drh-itf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drh-if | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drh-7tf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drh-7f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drg-htf+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drg-htf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drg-hf+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drg-hf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drfr | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drff-itg+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drff-it+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drff-ig+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drff-i+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drff-7tg+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drff-7t+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drff-7g+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drff-7+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drff-7 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drff | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dre-tf+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dre-ln4f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drd-if | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drd-ef | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drd-7ln4f-jbod | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drd-7ln4f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9drd-7jln4f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dr7-tf+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dr7-ln4f-jbod | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dr7-ln4f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dr3-ln4f+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dr3-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dbu-if | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dbu-3f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dbl-if | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dbl-3f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dbi-tpf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dbi-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9db3-tpf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9db3-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dax-itf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dax-if-hft | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dax-if | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dax-7tf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dax-7f-hft | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x9dax-7f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8siu-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8sit-hf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8sit-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8sil-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8sie-ln4f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8sie-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8sia-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8si6-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtu-ln4f+-lr | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtu-ln4f+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtu-6tf+-lr | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtu-6tf+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtu-6f+-lr | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtu-6f+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtn+-f-lr | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtn+-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtl-if | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtl-6f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x8dtl-3f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x7spt-df-d525+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x7spt-df-d525 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x7spe-hf-d525 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x7spe-hf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x7spe-h-d525 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x7spa-hf-d525 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro x7spa-hf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8sml-if | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8sml-i | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8sml-7f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8sml-7 | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8sme-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8sgl-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8scm-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dgu-ln4f+ | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dgu-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dgt-hlibqf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dgt-hlf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dgt-hibqf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dgt-hf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dgi-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dgg-qf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dg6-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dct-ibqf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dct-hln4f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dct-hibqf | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dct-f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dcl-if | scope: | - | version: | - | Trust: 0.3 |
| vendor: | super | model: | micro computer supermicro h8dcl-6f | scope: | - | version: | - | Trust: 0.3 |
| vendor: | citrix | model: | netscaler t1 | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | citrix | model: | netscaler service delivery appliance | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | citrix | model: | netscaler gateway | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | citrix | model: | netscaler application delivery controller | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | citrix | model: | command center appliance | scope: | eq | version: | 0 | Trust: 0.3 |
| vendor: | citrix | model: | cloudbridge | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 62094
EXPLOIT
The researcher has created a proof-of-concept to demonstrate these issues. Please see the references for more information.
Trust: 0.3
sources:
BID: 62094
PRICE
Free
Trust: 0.3
sources:
BID: 62094
TYPE
Boundary Condition Error
Trust: 0.3
sources:
BID: 62094
CREDITS
J. Alex Halderman
Trust: 0.3
sources:
BID: 62094
EXTERNAL IDS
| db: | CERT/CC | id: | VU#648646 | Trust: 0.3 |
| db: | NVD | id: | CVE-2013-3607 | Trust: 0.3 |
| db: | BID | id: | 62094 | Trust: 0.3 |
sources:
BID: 62094
REFERENCES
| url: | http://www.supermicro.com/about/ | Trust: 0.3 |
| url: | http://www.kb.cert.org/vuls/id/648646 | Trust: 0.3 |
| url: | http://support.citrix.com/article/ctx216642 | Trust: 0.3 |
sources:
BID: 62094
SOURCES
| db: | BID | id: | 62094 |
LAST UPDATE DATE
2022-07-27T09:18:54.090000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 62094 | date: | 2016-09-09T15:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 62094 | date: | 2013-08-30T00:00:00 |