cvelistv5 - cve-2007-5717

CVE-2007-5717 (GCVE-0-2007-5717)

Vulnerability from cvelistv5

Published

2007-10-30 21:00

Modified

2024-08-07 15:39

Severity ?

CWE

Summary

Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) on x86 before firmware 2.70 allows remote attackers to execute arbitrary commands as root on the Service Processor (SP) via unspecified vectors, a different vulnerability than CVE-2007-5170.

References

URL

Tags

	http://www.vupen.com/english/advisories/2007/3652	vdb-entry, x_refsource_VUPEN
	http://osvdb.org/40835	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/bid/26250	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/27416	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1018869	vdb-entry, x_refsource_SECTRACK
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200667-1	vendor-advisory, x_refsource_SUNALERT
	https://exchange.xforce.ibmcloud.com/vulnerabilities/38149	vdb-entry, x_refsource_XF
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103127-1	vendor-advisory, x_refsource_SUNALERT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:39:13.592Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-3652",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3652"
          },
          {
            "name": "40835",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/40835"
          },
          {
            "name": "26250",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26250"
          },
          {
            "name": "27416",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27416"
          },
          {
            "name": "1018869",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018869"
          },
          {
            "name": "200667",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200667-1"
          },
          {
            "name": "sunfire-elom-command-execution(38149)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38149"
          },
          {
            "name": "103127",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103127-1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) on x86 before firmware 2.70 allows remote attackers to execute arbitrary commands as root on the Service Processor (SP) via unspecified vectors, a different vulnerability than CVE-2007-5170."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-3652",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3652"
        },
        {
          "name": "40835",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/40835"
        },
        {
          "name": "26250",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26250"
        },
        {
          "name": "27416",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27416"
        },
        {
          "name": "1018869",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018869"
        },
        {
          "name": "200667",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200667-1"
        },
        {
          "name": "sunfire-elom-command-execution(38149)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38149"
        },
        {
          "name": "103127",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103127-1"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5717",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) on x86 before firmware 2.70 allows remote attackers to execute arbitrary commands as root on the Service Processor (SP) via unspecified vectors, a different vulnerability than CVE-2007-5170."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-3652",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3652"
            },
            {
              "name": "40835",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/40835"
            },
            {
              "name": "26250",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26250"
            },
            {
              "name": "27416",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27416"
            },
            {
              "name": "1018869",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018869"
            },
            {
              "name": "200667",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200667-1"
            },
            {
              "name": "sunfire-elom-command-execution(38149)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38149"
            },
            {
              "name": "103127",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103127-1"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5717",
    "datePublished": "2007-10-30T21:00:00.000Z",
    "dateReserved": "2007-10-30T00:00:00.000Z",
    "dateUpdated": "2024-08-07T15:39:13.592Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2007-AVI-466

Vulnerability from certfr_avis

Une vulnérabilité dans les serveurs Sun Fire X2100 M2 et X2200 M2 permet à une personne malintentionnée d'exécuter des commandes arbitraires à distance.

Description

Une vulnérabilité a été identifiée dans les serveurs Sun Fire 2100 M2 et Sun Fire X2200 M2. Elle concerne l'application Embedded Lights Out Manager et permet à une personne malintentionnée non priviligiée d'exécuter des commandes arbitraires à distance avec des droits administrateur.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation). Le firmware SP/BMC version 2.70 corrige le problème.

None

Impacted products

	Vendor	Product	Description
	N/A	N/A	Sun Fire X2200 M2 sur plateforme x86.
	N/A	N/A	Sun Fire X2100 M2 sur plateforme x86;

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted