SN#18735 Embedded Lights Out Manager Vulnerable to Unauthorized Access
SYSTEM NEWS FOR SUN USERS
Vol 116 Issue 2 2007-10-08 Article 18735 from section "Security"
ELOM in Sun Fire X2100 M2 and X2200 M2 Susceptible
A workaround has been issued to ensure remote unprivileged users
cannot access the Embedded Lights Out Manager (ELOM) for the Sun Fire
X2100 M2 and Sun Fire X2200 M2 servers. A vulnerability in the ELOM
software could allow users to initiate unauthorized network traffic
from the embedded service processor (SP), which could serve as a
proxy to send unsolicited bulk e-mail (spam). This issue has also
been resolved in SP/BMC firmware version 3.09.
Details at [url]http://sun.systemnews.com/g?A=18735[/url]
Have a custom version of 'System News for Sun Users' delivered to you
via email each week in PDF, text or HTML. Only the sections that you
select will be included in your copy of the news magazine. Subscribe at
(c) 2005 System News, Inc. [url]http://www.systemnews.com[/url]