logo
DATABASE RESOURCES PRICING ABOUT US

Sun Integrated Lights-Out Manager (ILOM)验证绕过漏洞

Description

BUGTRAQ ID: 31861 CNCAN ID:CNCAN-2008102309 Sun Integrated Lights-Out Manager是一款管理、监视和控制服务处理机的应用程序。 Sun Integrated Lights-Out Manager存在一个未明错误,远程攻击者可以利用漏洞绕过验证,通过WEB接口访问服务处理器。 这允许用户关闭或重置系统,导致拒绝服务攻击。 Sun Sun Netra X4450 0 Sun Sun Netra X4250 0 Sun Sun Netra X4200 M2 0 Sun Sun Netra T5440 0 Sun Sun Netra T5220 0 Sun Sun Netra CP3260 0 Sun Sun Fire X4600 M2 0 Sun Sun Fire X4600 0 Sun Sun Fire X4540 0 Sun Sun Fire X4500 0 Sun Sun Fire X4450 0 Sun Sun Fire X4440 0 Sun Sun Fire X4250 0 Sun Sun Fire X4240 0 Sun Sun Fire X4200 M2 0 Sun Sun Fire X4200 0 Sun Sun Fire X4150 0 Sun Sun Fire X4140 0 Sun Sun Fire X4100 M2 0 Sun Sun Fire X4100 0 Sun Sun Fire X2250 0 Sun Sun Fire X2200 M2 Server 0 Sun Sun Blade X8450 0 Sun Sun Blade X8440 0 Sun Sun Blade X8420 0 Sun Sun Blade X8400 0 Sun Sun Blade X8000 P 0 Sun Sun Blade X8000 0 Sun Sun Blade X6450 0 Sun Sun Blade X6250 0 Sun Sun Blade X6220 0 Sun Sun Blade X6048 0 Sun Sun Blade X6000 0 Sun Sun Blade T6320 0 Sun SPARC Enterprise T5440 Server 0 - Sun Solaris 8 - Sun Solaris 7.0 - Sun Solaris 2.6_sparc Sun SPARC Enterprise T5240 Server 0 - Sun Solaris 8 - Sun Solaris 7.0 - Sun Solaris 2.6_sparc Sun SPARC Enterprise T5220 Server 0 - Sun Solaris 8 - Sun Solaris 7.0 - Sun Solaris 2.6_sparc Sun SPARC Enterprise T5140 Server 0 - Sun Solaris 8 - Sun Solaris 7.0 - Sun Solaris 2.6_sparc Sun SPARC Enterprise T5120 Server 0 - Sun Solaris 8 - Sun Solaris 7.0 - Sun Solaris 2.6_sparc 管理员可登录ILOM并通过命令行接口运行如下命令关闭服务: set /SP/services/http servicestate=disabled set /SP/services/https servicestate=disabled 可参考如下安全公告获得补丁信息: <a href=http://sunsolve.sun.com/search/document.do?assetkey=1-66-243486-1 target=_blank>http://sunsolve.sun.com/search/document.do?assetkey=1-66-243486-1</a>