Vigil@nce: Sun Fire Server, IP spoofing on System Controller
December 2008 by Vigil@nce
An attacker can spoof his IP address to send commands to the
System Controller of Sun Fire or Netra servers.
– Gravity: 1/4
– Consequences: denial of service of computer
– Provenance: intranet client
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 15/12/2008
IMPACTED PRODUCTS
– OpenSolaris
– Sun Solaris
– Sun Trusted Solaris
– Unix - platform
DESCRIPTION
The Sun Fire 3800/4800/4810/6800/E2900/E4900/E6900/V1280 and Netra
1280/1290 servers use an SC (System Controller) to
configure and monitor the hardware.
The "setupnetwork" command of the SC can be used to set an
administration IP address.
An attacker can then send SC commands by spoofing his IP address.
An attacker can thus, for example, restart the system.
CHARACTERISTICS
– Identifiers: 246746, 6707931, BID-32805, VIGILANCE-VUL-8332
– Url: http://vigilance.fr/vulnerability/8332