Solaris 10 (sparc) : 139396-02 (deprecated)

Logical Domains LDoms Manager 1.0.1 ldmd patch. Date this patch was last updated by Sun : Nov/11/08 This plugin has been deprecated and either replaced with individual 139396 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@...

CVE-2008-5099

Sun Logical Domain Manager aka LDoms Manager or ldm 1.0 through 1.0.3 displays the value of the OpenBoot PROM OBP security-password variable in cleartext, which allows local users to bypass the SPARC firmware's password protection, and gain privileges or obtain data access, via the "ldm ls -l"...

Command injection

Sun Logical Domain Manager aka LDoms Manager or ldm 1.0 through 1.0.3 displays the value of the OpenBoot PROM OBP security-password variable in cleartext, which allows local users to bypass the SPARC firmware's password protection, and gain privileges or obtain data access, via the "ldm ls -l"...

CVE-2008-5099

CVE-2008-5099 affects Sun Logical Domain Manager (LDoms) 1.0–1.0.3. The vulnerability allows local users to read the OBP security-password in cleartext via the improper use of the ldm ls -l command, bypassing SPARC firmware password protection and potentially gaining privileges or data access. Re...