| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability CVE-2009-0171
Sun SPARC M4000/M5000: root access
Synthesis of the vulnerability
| An attacker can connect as root, on some Sun SPARC M4000/M5000 versions. |
Severity: 3/4.
Creation date: 15/01/2009.
Revision date: 20/01/2009.
|
Description of the vulnerability
Sun SPARC Enterprise Mx000 models contains XSCF (eXtended System Control Facility) to monitor the hardware and remotely administer it.
SPARC Enterprise M4000/M5000 servers manufactured between the 15th of September 2008 (beginning of week 38) and the 5th of December 2008 (end of week 49) are incorrectly configured. An attacker can connect to XSCFU without knowing the root password. Technical details are unknown.
An attacker can therefore administer some Sun SPARC M4000/M5000 versions. |
Complete Vigil@nce bulletin
Characteristics
Title: Sun SPARC M4000/M5000: root access.
Keywords: 15th 2008 5th Control December Enterprise Facility M4000 M5000 Mx000 PARC SPARC September Sun System XSCF XSCFU access eXtended root.
Identifiers: 249126, 6787023, BID-33280, CVE-2009-0171, VIGILANCE-VUL-8395.
|
Information sources
Solutions for this vulnerability
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer applications vulnerability
|
