CVE-2017-12542 – HP iLO 4 Authentication Bypass

An authentication bypass and execution of code vulnerability exits within all of HPE’s Integrated Lights-out 4 (iLO 4)  controllers prior to version 2.54.  This is triggered by a buffer overflow in how the web server handles the Connection HTTP header.  Unrestricted access to the REST API is possible allowing for administrative account creation.  With unrestricted […]

How to use DHCP Snooping on Cisco devices

This post will deal with the problem of DHCP attacks that can occur within an enterprise and how you can quickly and easily tighten security within a network. First off, attacks can be malicious or completely by accident without the end-user knowing what they are doing. Let’s say someone brings their home laptop to the […]