Sun StorEdge Array Bug in FTP Service Lets Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1018819 |
|
SecurityTracker URL: http://securitytracker.com/id/1018819
|
|
CVE Reference:
CVE-2007-5482
(Links to External Site)
|
Updated: Mar 19 2008
|
Original Entry Date: Oct 16 2007
|
Impact:
Denial of service via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): Sun StorageTek 3510 FC Array; firmware prior to 4.21
|
Description:
A vulnerability was reported in StorEdge Array. A remote user can cause denial of service conditions.
A remote user with access to the Ethernet management interface of the target Sun StorEdge 3510 FC Array can exploit a flaw in the FTP service to cause the array to become unresponsive to data services.
|
Impact:
A remote user can cause the target array to become unresponsive to data services.
|
Solution:
Sun has issued the following fix.
SPARC Platform
* Sun StorEdge 3510 (FC) Array with firmware version 4.21 (as delivered in patch 113723-18 or later)
The Sun advisory is available at:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103106-1
|
Vendor URL: sunsolve.sun.com/search/document.do?assetkey=1-26-103106-1 (Links to External Site)
|
Cause:
Resource error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Mon, 15 Oct 2007 16:28:05 -0400
Subject: FTP Security Vulnerability May Cause a Denial of Service to Sun StorEdge 3510 Data Services
|
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103106-1
|
|
