1. CVE-Search
  2. CVE-2008-5685
ID CVE-2008-5685
Summary Sun ScApp firmware 5.18.x, 5.19.x, and 5.20.0 through 5.20.10 on Sun Fire and Netra platforms allows remote attackers to access the System Controller (SC), the system console, and possibly the host OS, and cause a denial of service (shutdown or reboot), via spoofed IP packets. Note: This issue only impacts systems that have a System Controller V2 without SSH enabled.
References
Vulnerable Configurations
  • cpe:2.3:h:sun:scapp:5.18:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.18:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.19:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.19:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.0:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.0:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.1:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.1:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.2:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.2:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.3:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.3:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.4:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.4:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.5:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.5:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.6:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.6:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.7:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.7:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.8:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.8:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.9:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.9:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:scapp:5.20.10:*:*:*:*:*:*:*
    cpe:2.3:h:sun:scapp:5.20.10:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:netra:1280:*:*:*:*:*:*:*
    cpe:2.3:h:sun:netra:1280:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:netra:1290:*:*:*:*:*:*:*
    cpe:2.3:h:sun:netra:1290:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sun_fire:3800:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sun_fire:3800:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sun_fire:4800:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sun_fire:4800:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sun_fire:4810:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sun_fire:4810:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sun_fire:6800:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sun_fire:6800:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sun_fire:e2900:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sun_fire:e2900:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sun_fire:e4900:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sun_fire:e4900:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sun_fire:e6900:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sun_fire:e6900:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sun_fire:v1280:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sun_fire:v1280:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 08-03-2011 - 03:14)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 32805
confirm http://sunsolve.sun.com/search/document.do?assetkey=1-21-114527-12-1
sectrack 1021392
secunia 33158
sunalert
  • 1019814
  • 246746
vupen ADV-2008-3440
Last major update 08-03-2011 - 03:14
Published 19-12-2008 - 17:30
Last modified 08-03-2011 - 03:14
Back to Top