Sun StorEdge/StorageTek 3510 FC Array FTP Service Remote DoS
2007-10-15T00:00:00
ID OSVDB:40168 Type osvdb Reporter OSVDB Modified 2007-10-15T00:00:00
Description
Solution Description
Upgrade to version 4.21 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): The FTP service to the array can be disabled using the Sun StorEdge Command-Line Interface (sccli(1M)), telnet(1), or serial port.
{"bulletinFamily": "software", "viewCount": 0, "reporter": "OSVDB", "references": [], "description": "## Solution Description\nUpgrade to version 4.21 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround(s): The FTP service to the array can be disabled using the Sun StorEdge Command-Line Interface (sccli(1M)), telnet(1), or serial port.\n## References:\nSecurity Tracker: 1018819\n[Secunia Advisory ID:27201](https://secuniaresearch.flexerasoftware.com/advisories/27201/)\nOther Advisory URL: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103106-1\nISS X-Force ID: 37221\nFrSIRT Advisory: ADV-2007-3507\n[CVE-2007-5482](https://vulners.com/cve/CVE-2007-5482)\nBugtraq ID: 26086\n", "affectedSoftware": [], "href": "https://vulners.com/osvdb/OSVDB:40168", "modified": "2007-10-15T00:00:00", "enchantments": {"score": {"value": 6.1, "vector": "NONE", "modified": "2017-04-28T13:20:36", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-5482"]}], "modified": "2017-04-28T13:20:36", "rev": 2}, "vulnersScore": 6.1}, "id": "OSVDB:40168", "title": "Sun StorEdge/StorageTek 3510 FC Array FTP Service Remote DoS", "edition": 1, "published": "2007-10-15T00:00:00", "type": "osvdb", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:PARTIAL/"}, "cvelist": ["CVE-2007-5482"], "lastseen": "2017-04-28T13:20:36"}
{"cve": [{"lastseen": "2020-10-03T11:45:54", "description": "Unspecified vulnerability in the FTP service in Sun StorEdge/StorageTek 3510 FC Array with firmware before 4.21 allows remote attackers, with access to the Ethernet management interface, to cause a denial of service (I/O request timeout and device hang) via unspecified vectors.", "edition": 3, "cvss3": {}, "published": "2007-10-16T23:17:00", "title": "CVE-2007-5482", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-5482"], "modified": "2017-07-29T01:33:00", "cpe": ["cpe:/h:sun:storagetek_3510:*", "cpe:/h:sun:storedge:*"], "id": "CVE-2007-5482", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-5482", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:P"}, "cpe23": ["cpe:2.3:h:sun:storedge:*:firmware_4.20:*:*:*:*:*:*", "cpe:2.3:h:sun:storagetek_3510:*:firmware_4.20:*:*:*:*:*:*"]}]}
