All the vulnerabilites related to sun - sparc_enterprise_server
cve-2007-6360
Vulnerability from cvelistv5
Published
2007-12-15 01:00
Modified
2024-08-07 16:02
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attackers to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3) http network traffic that triggers memory exhaustion.
References
| ▼ | URL | Tags |
|---|---|---|
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-103159-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.securityfocus.com/bid/26712 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1019048 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/38860 | vdb-entry, x_refsource_XF | |
| http://osvdb.org/40843 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/27926 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/40844 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2007/4098 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/40842 | vdb-entry, x_refsource_OSVDB | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-201333-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:02:36.271Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "103159",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103159-1"
},
{
"name": "26712",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26712"
},
{
"name": "1019048",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019048"
},
{
"name": "sparc-enterprise-xcp-firmware-dos(38860)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38860"
},
{
"name": "40843",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40843"
},
{
"name": "27926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27926"
},
{
"name": "40844",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40844"
},
{
"name": "ADV-2007-4098",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4098"
},
{
"name": "40842",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/40842"
},
{
"name": "201333",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201333-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attackers to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3) http network traffic that triggers memory exhaustion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "103159",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103159-1"
},
{
"name": "26712",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26712"
},
{
"name": "1019048",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019048"
},
{
"name": "sparc-enterprise-xcp-firmware-dos(38860)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38860"
},
{
"name": "40843",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40843"
},
{
"name": "27926",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27926"
},
{
"name": "40844",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40844"
},
{
"name": "ADV-2007-4098",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4098"
},
{
"name": "40842",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/40842"
},
{
"name": "201333",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201333-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6360",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attackers to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3) http network traffic that triggers memory exhaustion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "103159",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103159-1"
},
{
"name": "26712",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26712"
},
{
"name": "1019048",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019048"
},
{
"name": "sparc-enterprise-xcp-firmware-dos(38860)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38860"
},
{
"name": "40843",
"refsource": "OSVDB",
"url": "http://osvdb.org/40843"
},
{
"name": "27926",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27926"
},
{
"name": "40844",
"refsource": "OSVDB",
"url": "http://osvdb.org/40844"
},
{
"name": "ADV-2007-4098",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4098"
},
{
"name": "40842",
"refsource": "OSVDB",
"url": "http://osvdb.org/40842"
},
{
"name": "201333",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201333-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6360",
"datePublished": "2007-12-15T01:00:00",
"dateReserved": "2007-12-14T00:00:00",
"dateUpdated": "2024-08-07T16:02:36.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-0171
Vulnerability from cvelistv5
Published
2009-01-16 21:00
Modified
2024-08-07 04:24
Severity ?
EPSS score ?
Summary
The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows remote attackers to use the manufacturing root password, perform a root login to the eXtended System Control Facility Unit (aka XSCFU or Service Processor), and have unspecified other impact.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/0207 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/33280 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1021602 | vdb-entry, x_refsource_SECTRACK | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-26-249126-1 | vendor-advisory, x_refsource_SUNALERT |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T04:24:18.185Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0207",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0207"
},
{
"name": "33280",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/33280"
},
{
"name": "1021602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021602"
},
{
"name": "249126",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-249126-1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-01-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows remote attackers to use the manufacturing root password, perform a root login to the eXtended System Control Facility Unit (aka XSCFU or Service Processor), and have unspecified other impact."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-01-28T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0207",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0207"
},
{
"name": "33280",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/33280"
},
{
"name": "1021602",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021602"
},
{
"name": "249126",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-249126-1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-0171",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows remote attackers to use the manufacturing root password, perform a root login to the eXtended System Control Facility Unit (aka XSCFU or Service Processor), and have unspecified other impact."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0207",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0207"
},
{
"name": "33280",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/33280"
},
{
"name": "1021602",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021602"
},
{
"name": "249126",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-249126-1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-0171",
"datePublished": "2009-01-16T21:00:00",
"dateReserved": "2009-01-16T00:00:00",
"dateUpdated": "2024-08-07T04:24:18.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1369
Vulnerability from cvelistv5
Published
2008-03-18 17:00
Modified
2024-08-07 08:17
Severity ?
EPSS score ?
Summary
A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2008/0810/references | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41332 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/29529 | third-party-advisory, x_refsource_SECUNIA | |
| http://sunsolve.sun.com/search/document.do?assetkey=1-66-231244-1 | vendor-advisory, x_refsource_SUNALERT | |
| http://www.securitytracker.com/id?1019708 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/28469 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.670Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-0810",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0810/references"
},
{
"name": "sparc-configuration-privilege-escalation(41332)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41332"
},
{
"name": "29529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29529"
},
{
"name": "231244",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231244-1"
},
{
"name": "1019708",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019708"
},
{
"name": "28469",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28469"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2008-0810",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0810/references"
},
{
"name": "sparc-configuration-privilege-escalation(41332)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41332"
},
{
"name": "29529",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29529"
},
{
"name": "231244",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231244-1"
},
{
"name": "1019708",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019708"
},
{
"name": "28469",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28469"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1369",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-0810",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0810/references"
},
{
"name": "sparc-configuration-privilege-escalation(41332)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41332"
},
{
"name": "29529",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29529"
},
{
"name": "231244",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231244-1"
},
{
"name": "1019708",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019708"
},
{
"name": "28469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28469"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1369",
"datePublished": "2008-03-18T17:00:00",
"dateReserved": "2008-03-18T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.670Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2008-03-18 17:44
Modified
2024-11-21 00:44
Severity ?
Summary
A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | sunos | 5.10 | |
| sun | sparc_enterprise_server | t5120 | |
| sun | sparc_enterprise_server | t5220 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E75493D0-F060-4CBA-8AB0-C4FE8B2A8C9B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sun:sparc_enterprise_server:t5120:*:*:*:*:*:*:*",
"matchCriteriaId": "249D6284-3527-4947-BE67-42A2897AF79E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sun:sparc_enterprise_server:t5220:*:*:*:*:*:*:*",
"matchCriteriaId": "E7668A99-3F78-4D35-A500-102D67FFB29D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A certain incorrect Sun Solaris 10 image on SPARC Enterprise T5120 and T5220 servers has /etc/default/login and /etc/ssh/sshd_config files that configure root logins in a manner unintended by the vendor, which allows remote attackers to gain privileges via unspecified vectors."
},
{
"lang": "es",
"value": "Alguna imagen incorrecta de Sun Solaris 10 sobre servidores SPARC Enterprise T5120 y T5220 tiene los ficheros /etc/default/login y /etc/ssh/sshd_config que configuran los logins de root de una forma involuntaria por parte del fabricante, permite a atacantes remotos obtener privilegios a trav\u00e9s de vectores desconocidos."
}
],
"evaluatorComment": "Sun link will not execute.",
"id": "CVE-2008-1369",
"lastModified": "2024-11-21T00:44:23.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-03-18T17:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/29529"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231244-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28469"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019708"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/0810/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41332"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/29529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-231244-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0810/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41332"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-12-15 01:46
Modified
2024-11-21 00:39
Severity ?
Summary
Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attackers to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3) http network traffic that triggers memory exhaustion.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | sparc_enterprise_server | m4000 | |
| sun | sparc_enterprise_server | m5000 | |
| sun | sparc_enterprise_server | m8000 | |
| sun | sparc_enterprise_server | m9000 | |
| sun | extended_system_control_facility_xcp_1040 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sun:sparc_enterprise_server:m4000:*:*:*:*:*:*:*",
"matchCriteriaId": "B468360C-95CA-4352-85A7-01C1C305A8F8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sun:sparc_enterprise_server:m5000:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C3786A-174C-408A-A2C6-0EE7515BCF30",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sun:sparc_enterprise_server:m8000:*:*:*:*:*:*:*",
"matchCriteriaId": "23345612-0535-4817-BCD1-B01C830939BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sun:sparc_enterprise_server:m9000:*:*:*:*:*:*:*",
"matchCriteriaId": "6616D5A6-9503-4898-B41C-F106D9D7C34E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sun:extended_system_control_facility_xcp_1040:*:*:firmware:*:*:*:*:*",
"matchCriteriaId": "2279020F-1A9A-4F75-8C25-1E2918751859",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attackers to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3) http network traffic that triggers memory exhaustion."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Sun eXtended System Control Facility (XSCF) Control Package (XCP) versiones anteriores de firmware a 1050 de servidores SPARC Enterprise M4000, M5000, M8000, y M9000 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio) mediante tr\u00e1fico de red (1) telnet, (2) ssh, \u00f3 (3) http que dispara agotamiento de memoria."
}
],
"id": "CVE-2007-6360",
"lastModified": "2024-11-21T00:39:57.737",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-12-15T01:46:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/40842"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/40843"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/40844"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27926"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1019048"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103159-1"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201333-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26712"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/4098"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38860"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/40842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/40843"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/40844"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27926"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1019048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103159-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-201333-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/26712"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/4098"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38860"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-01-16 21:30
Modified
2024-11-21 00:59
Severity ?
Summary
The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows remote attackers to use the manufacturing root password, perform a root login to the eXtended System Control Facility Unit (aka XSCFU or Service Processor), and have unspecified other impact.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sun | sparc_enterprise_server | m4000 | |
| sun | sparc_enterprise_server | m5000 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sun:sparc_enterprise_server:m4000:*:*:*:*:*:*:*",
"matchCriteriaId": "B468360C-95CA-4352-85A7-01C1C305A8F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sun:sparc_enterprise_server:m5000:*:*:*:*:*:*:*",
"matchCriteriaId": "C2C3786A-174C-408A-A2C6-0EE7515BCF30",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Sun SPARC Enterprise M4000 and M5000 Server, within a certain range of serial numbers, allows remote attackers to use the manufacturing root password, perform a root login to the eXtended System Control Facility Unit (aka XSCFU or Service Processor), and have unspecified other impact."
},
{
"lang": "es",
"value": "Los servidores Sun SPARC Enterprise M4000 y M5000, dentro de un cierto rango de n\u00fameros de serie, permite a los atacantes remotos utilizar la contrase\u00f1a root de fabricaci\u00f3n, realizar un inicio de sesi\u00f3n root en eXtended System Control Facility Unit (tambi\u00e9n se conoce como XSCFU o procesador de servicios), y tener otro impacto no especificado."
}
],
"id": "CVE-2009-0171",
"lastModified": "2024-11-21T00:59:16.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-01-16T21:30:03.563",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-249126-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/33280"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021602"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0207"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-249126-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/33280"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0207"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}