Sun System Handbook - ISO 3.4 June 2011 Internal/Partner Edition | |||
|
|
Solution Type Sun Alert Sure Solution 1000937.1 : FTP Security Vulnerability May Cause a Denial of Service to Sun StorEdge 3510 Data Services
PreviouslyPublishedAs 201253 Product Sun StorageTek 3510 FC Array Bug Id <SUNBUG: 6382051> Date of Resolved Release 15-OCT-2007 Impact A security vulnerability in the firmware FTP service of the Sun StorEdge 3510 FC Array may allow a remote unprivileged user who has access to the management network to which the array's management Ethernet interface is connected, to make the array unresponsive to data services. This is a type of Denial of Service (DoS). Contributing Factors This issue can occur on the following platform:
Note: StorEdge 3510 arrays which are not connected to a network via the ethernet port are not affected by this issue. To determine the firmware revision on the StorEdge 3510, the following sccli(1M) command can be run: sccli> show inquiry Vendor: SUN Product: StorEdge 3510 Revision: 415F Peripheral Device Type: 0x0 ... Symptoms Should the described issue occur, the host (requesting the I/O services from the affected array) may report timeouts for I/O requests and may eventually offline the array. Messages similar to the following may appear in the array event log: Tue Jan 24 14:03:06 2007 [Primary] Warning Memory Not Sufficient to Fully Support Current Config ... Workaround It is strongly recommended that these arrays be placed on a private management network. The FTP service to the array can be disabled using the Sun StorEdge Command-Line Interface (sccli(1M)), telnet(1), or serial port. To disable FTP via SCCLI: sccli> set protocol ftp disable then verify the status: sccli> show protocol Identifier Status Port Parameters -------------------------------------- telnet enabled 23 inactivity-timeout=disabled http enabled 80 n/a https disabled n/a n/a ftp disabled n/a n/a <---- FTP is Disabled. ssh disabled n/a n/a priagent enabled 58632 n/a snmp disabled n/a n/a dhcp enabled 68 n/a ping enabled n/a n/a To disable FTP to the array via telnet/serial port: From the main menu, select: View and edit Configuration parameters -> Communication Parameters -> Network Protocol Support You will see a list of protocols and their status. From this list, select: FTP - Enabled and you will get a message prompting you to select "Yes" or "No" to Disable FTP. Select "Yes" and this will disable FTP to the array. There is no need to reset the array for this change to take effect. Resolution This issue is addressed in the following release: SPARC Platform
References<SUNPATCH: 113723-18>Previously Published As 103106 Internal Comments This issue was reproduced by Dothill and the workaround of disabling "ftp" for the array seems to be working. Internal Contributor/submitter sailesh.thanki@sun.com Internal Eng Business Unit Group NWS (Network Storage) Internal Eng Responsible Engineer michael.martinez@sun.com Internal Services Knowledge Engineer david.mariotto@sun.com Internal Escalation ID 1-14930119, 1-15144742 Internal Resolution Patches 113723-18 Internal Sun Alert Kasp Legacy ID 103106 Internal Sun Alert & FAB Admin Info Critical Category: Security ==> Vulnerability Significant Change Date: 2007-10-15 Avoidance: Patch Responsible Manager: tejinder.singh@sun.com Original Admin Info: [WF 15-Oct-2007, dave m: signoff, ok to release per Security] [WF 11-Oct-2007, dave m: final changes, send again for review/signoff] [Resubmitted 08-Oct-2007, dave m: rework original draft] [WF 05-Oct-2007, dave m: draft created, send today for 24hr review] Product_uuid 58553d0e-11f4-11d7-9b05-ad24fcfd42fa|Sun StorageTek 3510 FC Array ReferencesSUNPATCH:113723-18Attachments This solution has no attachment |
||||||||||||
|