Описание
Sun Logical Domain Manager (aka LDoms Manager or ldm) 1.0 through 1.0.3 displays the value of the OpenBoot PROM (OBP) security-password variable in cleartext, which allows local users to bypass the SPARC firmware's password protection, and gain privileges or obtain data access, via the "ldm ls -l" command, a different vulnerability than CVE-2008-4992.
Комментарий
http://sunsolve.sun.com/search/document.do?assetkey=1-26-243606-1
Note: The x86 Platform is not affected by this issue, as Logical Domains (LDoms) software is supported only on the Sun SPARC Platform.
Ссылки
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- PatchVendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
4.6 Medium
CVSS2
Дефекты
Связанные уязвимости
Sun Logical Domain Manager (aka LDoms Manager or ldm) 1.0 through 1.0.3 displays the value of the OpenBoot PROM (OBP) security-password variable in cleartext, which allows local users to bypass the SPARC firmware's password protection, and gain privileges or obtain data access, via the "ldm ls -l" command, a different vulnerability than CVE-2008-4992.
EPSS
4.6 Medium
CVSS2