Lucene search

MitreCVE-2007-6360

HistoryDec 15, 2007 - 1:46 a.m.

CVE-2007-6360

2007-12-1501:46:00

mitre

web.nvd.nist.gov

cve-2007-6360

sun

xscf

xcp

firmware

denial of service

remote attackers

sparc enterprise

m4000

m5000

m8000

m9000

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.063

Percentile

93.8%

JSON

Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attackers to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3) http network traffic that triggers memory exhaustion.

Affected configurations

Nvd

Node

sunsparc_enterprise_serverMatchm4000

sunsparc_enterprise_serverMatchm5000

sunsparc_enterprise_serverMatchm8000

sunsparc_enterprise_serverMatchm9000

AND

sunextended_system_control_facility_xcp_1040firmware

VendorProductVersionCPE
sunsparc_enterprise_serverm4000cpe:2.3:h:sun:sparc_enterprise_server:m4000:*:*:*:*:*:*:*
sunsparc_enterprise_serverm5000cpe:2.3:h:sun:sparc_enterprise_server:m5000:*:*:*:*:*:*:*
sunsparc_enterprise_serverm8000cpe:2.3:h:sun:sparc_enterprise_server:m8000:*:*:*:*:*:*:*
sunsparc_enterprise_serverm9000cpe:2.3:h:sun:sparc_enterprise_server:m9000:*:*:*:*:*:*:*
sunextended_system_control_facility_xcp_1040*cpe:2.3:h:sun:extended_system_control_facility_xcp_1040:*:*:firmware:*:*:*:*:*

Vendor	Product	Version	CPE
sun	sparc_enterprise_server	m4000	cpe:2.3:h:sun:sparc_enterprise_server:m4000:::::::*
sun	sparc_enterprise_server	m5000	cpe:2.3:h:sun:sparc_enterprise_server:m5000:::::::*
sun	sparc_enterprise_server	m8000	cpe:2.3:h:sun:sparc_enterprise_server:m8000:::::::*
sun	sparc_enterprise_server	m9000	cpe:2.3:h:sun:sparc_enterprise_server:m9000:::::::*
sun	extended_system_control_facility_xcp_1040	*	cpe:2.3:h:sun:extended_system_control_facility_xcp_1040:::firmware:::::*

References

osvdb.org/40842

osvdb.org/40843

osvdb.org/40844

secunia.com/advisories/27926

securitytracker.com/id?1019048

sunsolve.sun.com/search/document.do?assetkey=1-26-103159-1

sunsolve.sun.com/search/document.do?assetkey=1-66-201333-1

www.securityfocus.com/bid/26712

www.vupen.com/english/advisories/2007/4098

exchange.xforce.ibmcloud.com/vulnerabilities/38860

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.063

Percentile

93.8%

JSON

Related for CVE-2007-6360