Sun Microsystems, Inc.  Sun System Handbook - ISO 4.1 October 2012 Internal/Partner Edition

Asset ID: 1-77-1000524.1
Update Date: 2012-07-12
Keywords:

Solution Type  Sun Alert Sure

Solution  1000524.1 :   Sun Fire X2100/X2200 M2 Servers ELOM Software is Vulnerable to Arbitrary Command Execution  


Related Items
  • Sun Fire X2200 M2 Server
  • Sun Fire X2100 Server
Related Categories
  • PLA-Support>Sun Systems>Sun_Other>Sun Collections>SN-OTH: Sun Alert
  • .Old GCS Categories>Sun Microsystems>Sun Alert>Criteria Category>Security
  • .Old GCS Categories>Sun Microsystems>Sun Alert>Release Phase>Resolved

Previously Published As
200667


Product
Sun Fire X2100 M2 Server
Sun Fire X2200 M2 Server

Bug Id
SUNBUG: 6502439

Date of Resolved Release
29-OCT-2007

***Checked for relevance on 12-Jul-2012***

Impact

A security vulnerability in the X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) software may allow remote unprivileged users to execute arbitrary commands with root privileges on the embedded Service Processor (SP).


Contributing Factors

This issue can occur on the following platforms:

x86 Platform

  • Sun Fire X2100/X2200 M2 Servers without SP/BMC firmware version 2.70 (or later)

Notes:

  1. No other x64 systems are affected by this issue.
  2. The SPARC platform is not affected by this issue.

To determine the firmware version of the SP, the ipmitool(1M) utility can be run as in the following example:

    $ ipmitool -H <hostname> -U <username> mc info
    Device ID : 5
    Device Revision : 0
    Firmware Revision : 2.91
    IPMI Version : 2.0

or the following command can be used at the CLI (logged in to the SP):

    /SP -> show /SP/AgentInfo
    /SP/AgentInfo
    ...
    Properties:
        HWVersion = 0
        FWVersion = 3.09

Symptoms

There are no reliable symptoms that would indicate this issue has been exploited.


Workaround

To prevent this issue from occurring, administrators can restrict access to the SP by either connecting only via the serial port or by connecting the Net Mgmt RJ-45 ethernet port to a private management network.

Additional information regarding management of the Sun Fire X2100/X2200 M2 Servers, ELOM, and ipmitool(1M) can be found in the "Embedded Lights Out Manager Administration Guide".


Resolution

This issue is addressed on the following platforms:

  • Sun Fire X2100 M2 Server with firmware version 2.70 from the 1.3 "Tools and Drivers" CD (or later) ISO image
  • Sun Fire X2200 M2 Server with firmware version 2.70 from the 1.3 "Tools and Drivers" CD (or later) ISO image

Downloads for all Software products are available at:

http://www.oracle.com/technetwork/indexes/downloads/sun-az-index-095901.html


Modification History:
Checked for relevance on 12-Jul-2012

Previously Published As
103127
Internal Comments
Internal Contributor/submitter
[email protected]
Internal Eng Business Unit Group
NSG (Network Systems Group)
Internal Eng Responsible Engineer
[email protected]
Internal Services Knowledge Engineer
[email protected]
Questions regarding this document should be addressed to [email protected]
Internal Escalation ID
1-20761745
Internal Sun Alert Kasp Legacy ID
103127

Attachments
This solution has no attachment
  Copyright © 2012 Sun Microsystems, Inc.  All rights reserved.