| Name | CVE-2013-4786 |
| Description | The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol (RAKP) authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Design flaw in the IPMI 2.0 specification. Any correctly implemented device is vulnerable.
Contacted relevant maintainers: Since few to no devices do mutual authentication, tools shipped by Debian are generally not affected. At best, the tools can print a warning for vulnerable devices.