Sun Microsystems, Inc.  Sun System Handbook - ISO 3.4 June 2011 Internal/Partner Edition
   Home | Current Systems | Former STK Products | EOL Systems | Components | General Info | Search | Feedback

Asset ID: 1-77-1019673.1
Update Date:2011-02-25
Keywords:

Solution Type  Sun Alert Sure

Solution  1019673.1 :   A Security Vulnerability in the Sun Integrated Lights-Out Manager (ILOM) may Allow Unauthorized Access Through the Web Interface  


Related Items
  • Sun SPARC Enterprise T5440 Server
  •  
  • Sun SPARC Enterprise T5240 Server
  •  
  • Sun SPARC Enterprise T5220 Server
  •  
  • Sun SPARC Enterprise T5140 Server
  •  
  • Sun SPARC Enterprise T5120 Server
  •  
Related Categories
  • GCS>Sun Microsystems>Sun Alert>Criteria Category>Security
  •  
  • GCS>Sun Microsystems>Sun Alert>Release Phase>Resolved
  •  

PreviouslyPublishedAs
243486


Bug Id
SUNBUG: 6732655

Product
Sun SPARC Enterprise T5120 Server
Sun SPARC Enterprise T5220 Server
Sun SPARC Enterprise T5140 Server
Sun SPARC Enterprise T5240 Server
Sun SPARC Enterprise T5440 Server
Sun Blade T6320
Sun Netra T5220
Sun Netra T5440
Sun Netra CP3260
Sun Netra CT900 ATCA Blade Server
Sun Fire X2250
Sun Fire X4100
Sun Fire X4100 M2
Sun Fire X4140
Sun Fire X4150
Sun Fire X4200
Sun Fire X4200 M2
Sun Fire X4240
Sun Fire X4250
Sun Fire X4440

Product
Sun Fire X4450
Sun Fire X4500
Sun Fire X4540
Sun Fire X4600
Sun Fire X4600 M2
Sun Blade X6000
Sun Blade X6048
Sun Blade X6220
Sun Blade X6250
Sun Blade X6450
Sun Blade X8000
Sun Blade X8000 P
Sun Blade X8400
Sun Blade X8420
Sun Blade X8440
Sun Blade X8450
Sun Netra X4200 M2
Sun Netra X4250
Sun Netra X4450

Date of Resolved Release
21-Oct-2008

A security vulnerability in the Sun Integrated Lights-Out Manager (ILOM):

1. Impact

A security vulnerability in the Sun Integrated Lights-Out Manager (ILOM) may allow unprivileged users who have access to the ILOM web interface to gain unauthorized access to the service processor (SP). This may allow such users to power off or reset the system which is a type of Denial of Service (DoS).

On Sun servers and Sun Blades, this issue may also allow unprivileged users who have access to the ILOM web interface to gain unauthorized access to the host operating system.

2. Contributing Factors

This issue can occur on the following platforms:
  • Sun SPARC Enterprise T5120 Server with firmware 7.1.6 (ILOM 2.0.4.26) or earlier
  • Sun SPARC Enterprise T5220 Server with firmware 7.1.6 (ILOM 2.0.4.26) or earlier
  • Sun SPARC Enterprise T5140 Server with firmware 7.1.6 (ILOM 2.0.4.26) or earlier
  • Sun SPARC Enterprise T5240 Server with firmware 7.1.6 (ILOM 2.0.4.26) or earlier
  • Sun SPARC Enterprise T5440 Server with firmware 7.1.5.b (ILOM 2.0.4.25) or earlier
  • Sun Blade T6320 Server Module with firmware 7.1.6 (ILOM 2.0.4.26) or earlier
  • Sun Netra T5220 Server with firmware 7.1.6 (ILOM 2.0.4.26) or earlier
  • Sun Netra T5440 Server with firmware 7.1.4.a (ILOM 2.0.4.24.a) or earlier
  • Sun Netra CP3260/CT900 ATCA Blade Server with firmware 7.1.6 (ILOM 2.0.4.26) or earlier
  • Sun Fire X4100 Server with SW 1.5.1 (ILOM 2.0.2.5 build 32265) or earlier
  • Sun Fire X4200 Server with SW 1.5.1 (ILOM 2.0.2.5 build 32265) or earlier
  • Sun Fire X4100M2 Server with SW 2.1 (ILOM 2.0.2.10 build 35249) or earlier
  • Sun Fire X4200M2 Server with SW 2.1 (ILOM 2.0.2.10 build 35249) or earlier
  • Sun Fire X4600 Server with SW 1.4 (ILOM 2.0.2.5 build 32265) or earlier
  • Sun Fire X4600M2 Server with SW 2.1.2 (ILOM 2.0.2.5 build 32591) or earlier
  • Sun Fire X4500 Server with SW 1.5 (ILOM 2.0.2.5 build 34717) or earlier
  • Sun Fire X4540 Server with SW 1.0 (ILOM 2.0.2.5 build 32394)
  • Sun Fire X4140 Server with SW 2.1 (ILOM 2.0.2.5 build 34) or earlier
  • Sun Fire X4240 Server with SW 2.1 (ILOM 2.0.2.5 build 34) or earlier
  • Sun Fire X4440 Server with SW 2.1 (ILOM 2.0.2.5 build 34) or earlier
  • Sun Fire X2250 Server with SW 1.1 (ILOM 2.0.2.8 build 33864) or earlier
  • Sun Fire X4150 Server with SW 2.0 (ILOM 2.0.2.6 build 35128) or earlier
  • Sun Fire X4250 Server with SW 1.1 (ILOM 2.0.2.6 build 35128) or earlier
  • Sun Fire X4450 Server with SW 2.1.0 (ILOM 2.0.2.6 Build 36202) or earlier
  • Sun Blade 6000 Modular System with Chassis 2.0 (ILOM 2.0.3.3 build 33795) or earlier
  • Sun Blade 6048 Modular System with Chassis 2.0 (ILOM 2.0.3.3 build 33795) or earlier
  • Sun Blade X6220 with Server Module Software 2.0 (ILOM 2.0.3.3 build 34514) or earlier
  • Sun Blade X6250 with Server Module Software 2.0 (ILOM 2.0.3.6 build 36279)
  • Sun Blade X6450 with Server Module Software 2.0 (ILOM 2.0.3.6 build 36472)
  • Sun Blade 8000 Modular System with Software 2.1.1 (ILOM 2.0.1.8) or earlier
  • Sun Blade 8000P Modular System with Software 2.1.1 (ILOM 2.0.1.8) or earlier
  • Sun Blade X8400 with Software 2.0.2 (ILOM 2.0.1.5) or earlier
  • Sun Blade X8420 with Software 2.0.2 (ILOM 2.0.1.5) or earlier
  • Sun Blade X8440 with Software 2.0.2 (ILOM 2.0.1.5) or earlier
  • Sun Blade X8450 with Software 2.1 (ILOM 2.0.1.7) or earlier
  • Sun Netra X4200M2 Server with SW 2.1 (ILOM 2.0.5.2 build 35521) or earlier
  • Sun Netra X4250 Server with SW 1.1 (ILOM 2.0.2.6 build 35369) or earlier
  • Sun Netra X4450 with SW 1.1 (ILOM 2.0.2.6 build 35369) or earlier
To determine the ILOM firmware version installed on your system, use the "version" command in the ILOM command-line interface:
    SP firmware 2.0.2.5
SP firmware build number: 32265
SP firmware date: Fri Apr 25 20:35:59 PDT 2008
SP filesystem version: 0.1.14
The first line of the above output provides the ILOM version. The second line provides the build number for that ILOM version.

3. Symptoms

There are no predictable symptoms to indicate that this issue has been exploited to gain unauthorized remote access to the SP or the system.

4. Workaround

To work around the described issue until the firmware upgrades are applied, disable the ILOM web interface by logging into ILOM though the command line interface as a user with admin privileges and run the following commands:
    set /SP/services/http servicestate=disabled
set /SP/services/https servicestate=disabled
5. Resolution

New system firmware versions are available for impacted platforms to address this vulnerability.

For SPARC platforms, new system firmware is available though SunSolve patches. See the list below for the SunSolve patch id for each SPARC platform:

SPARC Platform
  • Sun SPARC Enterprise T5120/T5220 Server with patch 136932-05 (SysFW 7.1.6.d, ILOM 2.0.4.26.d) or later
  • Sun SPARC Enterprise T5140/T5240 Server with patch 136936-08 (SysFW 7.1.6.d, ILOM 2.0.4.26.d) or later
  • Sun SPARC Enterprise T5440 Server with patch 136937-02 (SysFW 7.1.5.c, ILOM 2.0.4.25.a) or later
  • Sun Blade T6320 Server Module with patch 136933-07 (SysFW 7.1.6.d, ILOM 2.0.4.26.d) or later
  • Sun Netra T5220 Server with patch 136934-06 (SysFW 7.1.6.d, ILOM 2.0.4.26.d) or later
  • Sun Netra T5440 Server with patch 136938-02 (SysFW 7.1.6.e, ILOM 2.0.4.26.e) or later
  • Sun Netra CP3260 ATCA Blade Server with patch 136935-03 (SysFW 7.1.6.f, ILOM 2.0.4.26.f) or later
  • Sun Netra CT900 ATCA Blade Server (Sun Netra CP3260 ATCA Blade: SysFW 7.1.6.f, ILOM 2.0.4.26.f) with patch 139280-02 or later
For x64 platforms, new system firmware is available for download at:
See the platform names below for specific system firmware and link information:

Sun Fire X4100/X4200/X4100M2/X4200M2
  • Sun Fire X4100 Server with SW 1.5.2 (ILOM 2.0.2.5 build 37165) or later
  • Sun Fire X4200 Server with SW 1.5.2 (ILOM 2.0.2.5 build 37165) or later
  • Sun Fire X4100M2 Server with SW 2.1.1 (ILOM 2.0.2.10 build 37108) or later
  • Sun Fire X4200M2 Server with SW 2.1.1 (ILOM 2.0.2.10 build 37108) or later
http://www.sun.com/servers/x64/x4100/downloads

Sun Fire X4600/X4600M2
  • Sun Fire X4600 Server with SW 1.4.1 (ILOM 2.0.2.5 build 37165) or later
  • Sun Fire X4600M2 Server with SW 2.1.3 (ILOM 2.0.2.5 build 37115) or later
http://www.sun.com/servers/x64/x4600/downloads.jsp

Sun Fire X4500
  • Sun Fire X4500 Server with SW 1.5.1 (ILOM 2.0.2.5 build 37042) or later
http://www.sun.com/servers/x64/x4500/downloads.jsp

Sun Fire X4540
  • Sun Fire X4540 Server with SW 1.0.1 (ILOM 2.0.2.5 build 37049) or later
http://www.sun.com/servers/x64/x4540/downloads.jsp

Sun Fire X4140
  • Sun Fire X4140 Server with SW 2.1.1 (ILOM 2.0.2.5 build 37) or later
http://www.sun.com/servers/x64/x4140/downloads.jsp

Sun Fire X4240
  • Sun Fire X4240 Server with SW 2.1.1 (ILOM 2.0.2.5 build 37) or later
http://www.sun.com/servers/x64/x4240/downloads.jsp

Sun Fire X4440
  • Sun Fire X4440 Server with SW 2.1.1 (ILOM 2.0.2.5 build 37) or later
http://www.sun.com/servers/x64/x4440/downloads.jsp

Sun Fire X2250
  • Sun Fire X2250 Server with SW 1.1.1 (ILOM 2.0.2.12 build 37040) or later
http://www.sun.com/servers/x64/x2250/downloads.jsp

Sun Fire X4150
  • Sun Fire X4150 Server with SW 2.1.0 (ILOM 2.0.2.6 build 36843) or later
http://www.sun.com/servers/x64/x4150/downloads.jsp

Sun Fire X4250
  • Sun Fire X4250 Server with SW 1.2.0 (ILOM 2.0.2.6 build 36843) or later
http://www.sun.com/servers/x64/x4250/downloads.jsp

Sun Fire X4450
  • Sun Fire X4450 Server with SW 2.2.0 (ILOM 2.0.2.6 build 37007) or later
http://www.sun.com/servers/x64/x4450/downloads.jsp

Fixes for the following Sun Blade and Blade chassis are available for download at:
See the platform names below for specific system firmware:
  • Sun Blade 6000 Modular System with Chassis 2.1 (ILOM 2.0.3.10 build 38) or later
  • Sun Blade 6048 Modular System with Chassis 2.1 (ILOM 2.0.3.10 build 38) or later
  • Sun Blade X6220  with Server Module Software 2.1 (ILOM 2.0.3.10 build 38) or later
  • Sun Blade X6250 with Server Module Software 2.0.1 (ILOM 2.0.3.6 build 36946) or later
  • Sun Blade X6450 with Server Module Software 2.0.1 (ILOM 2.0.3.6 build 36946) or later
  • Sun Blade 8000 Server Module with SW 2.2 (ILOM 2.0.1.10) or later
  • Sun Blade X8000P Modular System with SW 2.2 (ILOM 2.0.1.10) or later
  • Sun Blade X8400 with Software 2.2 (ILOM 2.0.1.12) or later
  • Sun Blade X8420 with Software 2.2 (ILOM 2.0.1.13) or later
  • Sun Blade X8440 with Software 2.2 (ILOM 2.0.1.11) or later
  • Sun Blade X8450 with Software 2.2 (ILOM 2.0.1.10) or later
Fixes for the following Netra platforms are available for download at:
See the platform names below for specific system firmware and link information:

Sun Netra X4200M2
  •  Sun Netra X4200M2 Server with SW 2.1N (ILOM 2.0.5.3 build 37380) or later
http://www.sun.com/servers/netra/x4200/support.xml

Sun Netra X4250
  • Sun Netra X4250 Server with SW 2.1N (ILOM 2.0.2.6 build 37455) or later
http://www.sun.com/servers/netra/x4250/support.xml

Sun Netra X4450
  • Sun Netra X4450 with SW 2.2N (ILOM 2.0.2.6 build 37455) or later
http://www.sun.com/servers/netra/x4450/support.xml


For more information on Security Sun Alerts, see <Document: 1009886.1>.


Modification History
03-Nov-2008: Updated Product, Contributing Factors, and Resolution sections.


References

<SUNPATCH: 136932-05>
<SUNPATCH: 136936-08>
<SUNPATCH: 136933-07>
<SUNPATCH: 136934-06>
<SUNPATCH: 136938-02>
<SUNPATCH: 136935-03>
<SUNPATCH: 136937-02>
<SUNPATCH: 139280-02>

Internal Comments
An updated version of the ILOM firmware will be provided for each impacted
product. The details for each product will depend on the support and release
procedures of the product teams.
Please send technical questions to the following email:
sunalert-tech-questions@sun.com
and CC the following persons:
Internal Contributor/Submitter
Internal Eng Responsible Engineer
Internal Services Knowledge Engineer
Internal Contributor/submitter
Tom.Caron@Sun.COM
Internal Eng Responsible Engineer
Josh.Rosen@sun.com
Internal Services Knowledge Engineer
jeff.folla@sun.com
Internal Eng Business Unit Group
SSG ES (Enterprise Systems)
Internal Resolution Patches
136932-05, 136936-08, 136933-07, 136934-06, 136938-02, 136935-03, 136937-02, 139280-02

References

SUNPATCH:136932-05
SUNPATCH:136933-07
SUNPATCH:136934-06
SUNPATCH:136935-03
SUNPATCH:136936-08
SUNPATCH:136937-02
SUNPATCH:136938-02
SUNPATCH:139280-02

References

SUNPATCH:136932-05
SUNPATCH:136933-07
SUNPATCH:136934-06
SUNPATCH:136935-03
SUNPATCH:136936-08
SUNPATCH:136937-02
SUNPATCH:136938-02
SUNPATCH:139280-02

Attachments
This solution has no attachment
  Copyright © 2011 Sun Microsystems, Inc.  All rights reserved.
 Feedback