FKIE_CVE-2008-5685

Vulnerability from fkie_nvd - Published: 2008-12-19 17:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun Fire and Netra platforms allows remote attackers to access the System Controller (SC), the system console, and possibly the host OS, and cause a denial of service (shutdown or reboot), via spoofed IP packets.
References
cve@mitre.orghttp://secunia.com/advisories/33158Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1021392
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-21-114527-12-1Patch
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-26-246746-1
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1019814.1-1
cve@mitre.orghttp://www.securityfocus.com/bid/32805
cve@mitre.orghttp://www.vupen.com/english/advisories/2008/3440
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33158Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1021392
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-21-114527-12-1Patch
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-26-246746-1
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019814.1-1
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/32805
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/3440
Impacted products
Vendor Product Version
sun scapp 5.18
sun scapp 5.19
sun scapp 5.20.0
sun scapp 5.20.1
sun scapp 5.20.2
sun scapp 5.20.3
sun scapp 5.20.4
sun scapp 5.20.5
sun scapp 5.20.6
sun scapp 5.20.7
sun scapp 5.20.8
sun scapp 5.20.9
sun scapp 5.20.10
sun netra 1280
sun netra 1290
sun sun_fire 3800
sun sun_fire 4800
sun sun_fire 4810
sun sun_fire 6800
sun sun_fire e2900
sun sun_fire e4900
sun sun_fire e6900
sun sun_fire v1280
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A2551B-1787-40A5-AB51-6177A64AA46C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "25F877F4-682F-46D1-9F81-70C1FAF16A57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E9C8979-3A8D-4805-90B9-FD20F5153651",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "189EF850-2D37-4290-AC8C-B858C7C40471",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D2BBB49-5C60-4D88-8007-F10697A04636",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F6DF9B4-1E0D-49DB-81EC-193E980334CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FF9935A-851D-4B79-B8C7-F98C08FD9F0B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "316FCB5A-F03B-4D42-88D3-7CF75AB66CC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D474BDB0-23BD-48E9-AF53-14E45B5D6B4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E58F2F5B-C150-4A91-9E67-3A718D35E7E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DF6CD6B-C732-45F1-ACE5-989CB62FBB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "54C75370-48FF-4062-B82E-784DFE38E352",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:sun:scapp:5.20.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C5CFDC9-0FEB-47E4-B934-34594E11CCBE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:sun:netra:1280:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C85E7E-BE58-4E4F-8D3D-D9532C60A0FC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sun:netra:1290:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD91C95B-01C7-4F4B-B3DB-5863389C4B62",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sun:sun_fire:3800:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D5F2D6-D0BF-4D6A-AB19-5C1301D71E8A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sun:sun_fire:4800:*:*:*:*:*:*:*",
              "matchCriteriaId": "D964A21B-E067-4D89-A5E0-339817CB8544",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sun:sun_fire:4810:*:*:*:*:*:*:*",
              "matchCriteriaId": "6759A24A-8ED7-4C60-92ED-2CE3D95DF6A3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sun:sun_fire:6800:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F5F659A-CAA8-488C-8C67-B95984055803",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sun:sun_fire:e2900:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A7FBA86-D5E3-40CC-8B0E-19911A9053B2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sun:sun_fire:e4900:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E6972D4-6DB6-4885-9083-7F79ED64CF04",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sun:sun_fire:e6900:*:*:*:*:*:*:*",
              "matchCriteriaId": "43826816-BA22-4BD9-9943-4924F9E5FDCE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:sun:sun_fire:v1280:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C258A35-787A-49FF-A7C4-39B11747EBF9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun Fire and Netra platforms allows remote attackers to access the System Controller (SC), the system console, and possibly the host OS, and cause a denial of service (shutdown or reboot), via spoofed IP packets."
    },
    {
      "lang": "es",
      "value": "Sun ScApp firmware 5.18.x, 5.19.x, y 5.20.0 hasta la 5.20.10 en plataformas Sun Fire y Netra permite a atacantes remotos acceder al Controlador del Sistema(SC), a la consola del sistema y, posiblemente, al sistema operativo anfitri\u00f3n, y causar una denegaci\u00f3n de servicio (mediante apagado o reinicio), a trav\u00e9s de paquetes con IPs falsas."
    }
  ],
  "evaluatorImpact": "Note: This issue only impacts systems that have a System Controller V2 without SSH enabled.",
  "id": "CVE-2008-5685",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-12-19T17:30:03.250",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33158"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021392"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-114527-12-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-246746-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019814.1-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/32805"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/3440"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33158"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021392"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-21-114527-12-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-246746-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1019814.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/32805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/3440"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.