Vulnerability Bulletins |
Compromiso root en el servidor Sun Fire X2100 M2 y Sun Fire X2200 M2 |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Compromiso Root |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | Networking |
| Affected software |
Sun Fire X2100 M2 Server Sun Fire X2200 M2 Server |
Description |
|
|
Se ha encontrado una vulnerabilidad en los servidores X2100 M2 y X2200 M2. La vulnerabilidad reside en un error en el software Embedded Lights Out Manager. Un atacante remoto podría ejecutar comandos de forma arbitraria con privilegios de root en el Service Processor incorporado. |
|
Solution |
|
|
Actualización de software Sun (103127) Sun Fire X2100 M2 Server / firmware 2.70 from the 1.3 "Tools and Drivers" CD http://www.sun.com/servers/entry/x2100/downloads.jsp Sun Fire X2200 M2 Server / firmware 2.70 from the 1.3 "Tools and Drivers" CD http://www.sun.com/servers/x64/x2200/downloads.jsp |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2007-5717 |
| BID | 26250 |
Other resources |
|
|
Sun Alert Notification (103127) http://sunsolve.sun.com/search/document.do?assetkey=1-26-103127-1 |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2007-10-30 |
| 1.1 | CVE añadido, BID añadido, XF añadido | 2008-08-22 |