Denial of Service Vulnerability in Sun eXtended System Control Facility on SPARC Enterprise Servers
CVE-2007-6360

Currently unrated

Key Information:

Vendor: Oracle
Status: Extended System Control Facility Xcp 1040
Vendor: CVE Published:; 15 December 2007

Summary

The Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware prior to version 1050 is susceptible to a denial of service vulnerability that can be exploited by remote attackers. By leveraging telnet, ssh, or HTTP network traffic, an attacker can trigger memory exhaustion within the firmware, causing a reboot of the affected SPARC Enterprise servers. This can lead to significant service interruptions, impacting business operations and efficiency.

References

http://sunsolve.sun.com/search/document.do?assetkey=1-26-...

vendor-advisoryx_refsource_SUNALERT

http://www.securityfocus.com/bid/26712

vdb-entryx_refsource_BID

http://securitytracker.com/id?1019048

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Dec 15, 2007
Vulnerability Reserved
Dec 14, 2007