Secunia Logo  


Secunia PSI WorldMap
 
Sun SPARC System Firmware Unauthorised Data Access
Secunia Advisory: SA32582
Release Date: 2008-11-07
Last Update: 2008-11-11
Popularity: 1,963 views

Critical:
Not critical
Impact: Security Bypass
Where: Local system
Solution Status: Vendor Patch

OS:Sun System Firmware 6.6.x
Sun System Firmware 7.1.x

Secunia CVSS-2 Score: Available in Secunia business solutions

Subscribe: Instant alerts on relevant vulnerabilities


Advisory Content (Page 1 of 3)[ 1 ] [ 2 ] [ 3 ]

Description:
A vulnerability has been reported in Sun System Firmware, which can be exploited by malicious, local users to bypass certain security restrictions.

The vulnerability is caused due to an unspecified error in the firmware for certain Sun SPARC systems, which can be exploited by privileged users to access memory in another logical domain.

The vulnerability affects systems using the Sun UltraSPARC T1, UltraSPARC T2, and UltraSPARC T2+ processors.

The vulnerability is reported in the following products and firmware versions:
* Sun SPARC Enterprise T5140/T5240 running Sun System Firmware 7.1.3.d or 7.1.3.e
* Sun Netra T5220 running Sun System Firmware 7.1.3
* Sun SPARC Enterprise T5120/T5220 running Sun System Firmware 7.1.3.d or 7.1.3.e
* Sun Blade T6320 running Sun System Firmware 7.1.3.d or 7.1.3.e
* Sun Fire / SPARC Enterprise T2000 running Sun System Firmware 6.6.3, 6.6.4 or 6.6.5
* Sun Fire / SPARC Enterprise T1000 running Sun System Firmware 6.6.3, 6.6.4 or 6.6.5
* Sun Netra T2000 running Sun System Firmware 6.6.3, 6.6.4 or 6.6.5
* Sun Netra CP3060 running Sun System Firmware 6.6.3, 6.6.4 or 6.6.5
* Sun Blade T6300 running Sun System Firmware 6.6.3, 6.6.4 or 6.6.5

Change Page:
[ 1 ] [ 2 ] [ 3 ]



Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Sun Java JDK / JRE Multiple Vulnerabilities // 53 views
2. Adobe Flash Player Multiple Vulnerabilities // 47 views
3. Internet Explorer Charset Inheritance Cross-Site Scripting Vulnerability // 40 views
4. Microsoft Windows Win32k Kernel-Mode Driver Multiple Vulnerabilities // 29 views
5. Adobe Reader/Acrobat Multiple Vulnerabilities // 26 views
6. Debian update for pidgin // 24 views
7. Google Chrome Two Vulnerabilities // 19 views
8. PHPCentral Poll "_SERVER[DOCUMENT_ROOT]" File Inclusion // 18 views
9. Windows Web Services on Devices API Memory Corruption Vulnerability // 17 views
10. Apple Safari Multiple Vulnerabilities // 16 views