Apple announced a firmware update for Intel-based Xserve systems this afternoon. A security vulnerability in Apple’s implementation of IPMI could allow an unprivileged ipmitool user to gain administrative privileges on an Xserve system (CVE-2007-2387). The Xserve Lights-Out Management Firmware Update 1.0 addresses this vulnerability. Further information can be found on the Apple Product Security web site.
Get Slaptijack updates delivered to your Inbox or RSS Reader for free!