Denial of Service Vulnerability in HP Integrated Lights-Out Remote Management
CVE-2004-0525

Currently unrated

Key Information:

Vendor: HP
Status: Integrated Lights-out Firmware
Vendor: CVE Published:; 6 August 2004

What is CVE-2004-0525?

The HP Integrated Lights-Out (iLO) prior to version 1.55 is susceptible to a denial of service condition due to improper handling of TCP/IP reserved port zero. An attacker can exploit this vulnerability by accessing the iLO interface, leading to a hang situation that interrupts the availability of the management system. This can impact the ability of system administrators to manage and monitor the server, ultimately affecting operational continuity.

References

http://www.securityfocus.com/bid/10415

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/16251

vdb-entryx_refsource_XF

http://seclists.org/lists/bugtraq/2004/May/0281.html

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 6, 2004
Vulnerability Reserved
Jun 3, 2004