Release Notes

iDRAC6 v3.85.03 11
Issue 26
Description
The remote host supports IPMI v2.0. The Intelligent Platform Management Interface (IPMI) protocol is affected by
an information disclosure vulnerability due to the support of RMCP+ Authenticated Key-Exchange Protocol (RAKP)
authentication. A remote attacker can obtain password hash information for valid user accounts via the HMAC from
a RAKP message 2 response from a BMC.
Resolution
There is no patch for this vulnerability; it is an inherent problem with the specification for IPMI v2.0. Suggested
mitigations include:
- Disabling IPMI over LAN if it is not needed.
- Using strong passwords to limit the success of offline dictionary attacks.
- Using Access Control Lists (ACLs) or isolated networks to limit access to your IPMI management interfaces.
Versions/Systems affected
All iDRAC6 supported PowerEdge systems.
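One way to confirm that the first and third mitigations took effect on your own BMC addresses is to send the RMCP/ASF Presence Ping defined alongside IPMI v2.0 and see whether anything answers on UDP 623. This is an added example, not Dell code; the function names are hypothetical and `SAMPLE_PONG` is a constructed reply used only for the offline parse check.

```python
import socket
import struct
import sys

RMCP_PORT = 623        # standard RMCP / IPMI-over-LAN UDP port
ASF_IANA = 4542        # ASF enterprise number (0x000011BE)
# Constructed sample Presence Pong: RMCP header, ASF header, 16 data bytes.
SAMPLE_PONG = bytes.fromhex("0600ff06" "000011be40010010"
                            "000011be" "00000000" "81" "00" "000000000000")

def build_ping(tag=0x01):
    """RMCP header (v1.0, no-ack sequence, class ASF) + Presence Ping (0x80)."""
    header = bytes([0x06, 0x00, 0xFF, 0x06])
    return header + struct.pack(">IBBBB", ASF_IANA, 0x80, tag, 0x00, 0x00)

def parse_pong(data, tag=0x01):
    """Return {'ipmi': bool} for a well-formed Presence Pong, else None."""
    if len(data) < 12 or data[0] != 0x06 or (data[3] & 0x1F) != 0x06:
        return None
    iana, mtype, rtag, _rsvd, dlen = struct.unpack(">IBBBB", data[4:12])
    if iana != ASF_IANA or mtype != 0x40 or rtag != tag:
        return None
    if dlen < 10 or len(data) < 12 + dlen:
        return None
    entities = data[12 + 8]          # follows 4-byte IANA and 4-byte OEM field
    return {"ipmi": bool(entities & 0x80)}   # bit 7 set: IPMI supported

def ipmi_lan_answers(host, timeout=2.0):
    """True if host returns a Presence Pong advertising IPMI on UDP 623."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_ping(), (host, RMCP_PORT))
            data, _ = s.recvfrom(512)
        except OSError:              # timeout, unreachable, refused
            return False
    pong = parse_pong(data)
    return bool(pong and pong["ipmi"])

if __name__ == "__main__":
    # Usage: python check_ipmi_lan.py <bmc-address> [<bmc-address> ...]
    exposed = [h for h in sys.argv[1:] if ipmi_lan_answers(h)]
    for host in exposed:
        print(f"{host}: IPMI over LAN still answers on UDP {RMCP_PORT}")
    sys.exit(1 if exposed else 0)
```

A silent host only shows that nothing answered RMCP from the vantage point the check ran on, so run it from the networks the ACLs are supposed to block as well as from the management network.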
Limitations
When connecting to the iDRAC web interface using browsers supporting localized languages, some popups may
have generic messages that are not localized in the title such as: "The page at //10.35.155.207 says:". This is a
browser limitation and cannot be changed in the iDRAC.
Installation
Installation and Configuration Notes
For more information about iDRAC6, including installation and configuration information, see the Integrated Dell
Remote Access Controller 6 (iDRAC6) Enterprise for Blade Servers Version 3.50 User Guide and the Dell
OpenManage Server Administrator User's Guide. These documents are located on the Dell Support website at
dell.com/support/manuals.
Upgrade
If you are upgrading from iDRAC6 versions 2.1 or 2.2, you must first install iDRAC6 version 2.30 or 2.31 before
installing the 3.30 version. If you are upgrading from iDRAC6 versions older than 3.40, there can be a firmware
update issue with Microsoft Internet Explorer.
Note: This issue started with Microsoft security update KB2618444 and was fixed in the iDRAC 3.40 release.
Resolution:
Upgrade to firmware version 3.40 or higher using browsers other than IE, or update the firmware using other interfaces.
After updating to firmware version 3.40 or higher using the workaround methods, subsequent firmware updates are
successful with all supported methods.
Uninstallation
Use the rollback feature to uninstall iDRAC6 version 3.85.
On systems purchased with new eMMC cards and iDRAC6 firmware version 3.30, firmware downgrades to a lower
version are not allowed.
On certain hardware configurations, based on the firmware release, firmware downgrades are not allowed.