[NEWS] Intel D845HV/WN/PT Series Motherboard Vulnerability
From: support@securiteam.comDate: 04/26/02
- Previous message: support@securiteam.com: "[NEWS] De-Anonymizer (SCRIPT Bypassing)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: Fri, 26 Apr 2002 08:34:15 +0200 (CEST)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Intel D845HV/WN/PT Series Motherboard Vulnerability
------------------------------------------------------------------------
SUMMARY
A security vulnerability in Intel's motherboard allows local attackers to
choose the boot device even if does not have the BIOS password required
for such alteration.
DETAILS
Affected systems:
* Intel D845HV / WN (tested on BIOS revisions P05-0022, P09-0035,
P10-0038) and D845PT (tested on BIOS P01-0012) Pentium 4 motherboards
If the user hits the F8 key during the POST, they are presented with a
"Please select boot device" dialog, enabling them to boot off any bootable
device in the PC (FDD, HDD, CDROM, Network, etc).
This dialog is obtainable regardless of whether a Supervisor password has
been set in the BIOS, and the "User Access Level" does not affect the
user's ability to boot from an alternate device.
This is obviously a concern to any administrator who does not want users
to be able to boot from an alternate device, as this could enable
different software / OS to be installed, it enables boot sector viral
infection, and can give the user better access to the PC's file system.
Workaround:
To stop the user from being able to boot off alternate devices, follow
this procedure:
Set a Supervisor password in the BIOS, and set the User access level to
"No Access"
In the BOOT options, Boot Device Priority, disable everything except the
Hard Disk (as you normally would).
In the Removable Drives and ATAPI CD-ROM Drives option, disable all shown
devices. Also, disable any other hard drives that may be in the PC (other
than the one you want to boot from).
Save and Exit.
The user can still press F8, and get the boot option dialogue with all
available devices listed, but regardless of which device they select the
PC will boot from the hard disk.
Intel are working on a new BIOS release which will completely remove (or
allow you to disable) the F8 option.
ADDITIONAL INFORMATION
The information has been provided by <mailto:bugtraq@daveo.co.uk> Dave
Oliver.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[NEWS] De-Anonymizer (SCRIPT Bypassing)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
