|www.rodneybeede.com||"I would love to change the world, but they won't give me the source code" - unknown|
I've had success with using the exploits against some Cisco systems and SuperMicro servers. Of interesting note is that for the HP servers I've tested they are not vulnerable by default. I tested HP iLO 2, 3, and 4. HP appears to be the only vendor who has IPMI disabled by default (if IPMI is enabled then the HP iLO is vulnerable), and they also appear to be the only vendor who actually makes the default admin password a random 8-character value for each system. Of course if someone has physical access to the system they could read the password off of the tag so you have to be aware of securing that. I'd still recommend changing the default password anyway especially if you need to enable IPMI.
Hopefully a revision to IPMI 2.0 will come out that fixes the security shortcomings, but I don't expect vendors to be quick about providing firmware patches. The typical response is to isolate the BMC interfaces onto a separate and unique (V)LAN which you should be doing anyway.
The annoying part is that an attacker who exploits your IPMI can own the system even if you wipe and re-install the OS clean. It's the next best thing to physical access as it allows one to gain complete control over the system. IPMI can be a useful tool, but you may have to evaluate whether you really need or use it.