SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Device (Embedded Server/Appliance)  >   Sun SPARC Enterprise Server Vendors:   Sun
Sun SPARC Enterprise Server May Ship in a Non-Secure Configuration
SecurityTracker Alert ID:  1021602
SecurityTracker URL:  http://securitytracker.com/id/1021602
CVE Reference:   CVE-2009-0171   (Links to External Site)
Updated:  Feb 9 2009
Original Entry Date:  Jan 15 2009
Impact:   Root access via network
Vendor Confirmed:  Yes  
Version(s): M4000/M5000
Description:   A vulnerability was reported in certain Sun SPARC Enterprise Servers. A remote user can gain root access on the target system.

Certain Sun SPARC Enterprise M4000 and M5000 servers are shipped with an incorrect configuration. As a result, the Fault Management Architecture (FMA) may not perform correctly, the SunMC will not be available, and remote users may be able to use the manufacturing root password to gain access to the target system.

Impact:   A remote user can gain root access on the target system.
Solution:   The vendor recommends opening a Sun Service Request to correct the manufacturing settings.

The vendor's advisory is available at:

http://sunsolve.sun.com/search/document.do?assetkey=1-66-249126-1

Vendor URL:  sunsolve.sun.com/search/document.do?assetkey=1-66-249126-1 (Links to External Site)
Cause:   Configuration error

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2022, SecurityGlobal.net LLC