1. CVE-Search
  2. CVE-2007-6360
ID CVE-2007-6360
Summary Unspecified vulnerability in the Sun eXtended System Control Facility (XSCF) Control Package (XCP) firmware before 1050 on SPARC Enterprise M4000, M5000, M8000, and M9000 servers allows remote attackers to cause a denial of service (reboot) via (1) telnet, (2) ssh, or (3) http network traffic that triggers memory exhaustion.
References
Vulnerable Configurations
  • cpe:2.3:h:sun:sparc_enterprise_server:m4000:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sparc_enterprise_server:m4000:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sparc_enterprise_server:m5000:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sparc_enterprise_server:m5000:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sparc_enterprise_server:m8000:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sparc_enterprise_server:m8000:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:sparc_enterprise_server:m9000:*:*:*:*:*:*:*
    cpe:2.3:h:sun:sparc_enterprise_server:m9000:*:*:*:*:*:*:*
  • cpe:2.3:h:sun:extended_system_control_facility_xcp_1040:*:*:firmware:*:*:*:*:*
    cpe:2.3:h:sun:extended_system_control_facility_xcp_1040:*:*:firmware:*:*:*:*:*
CVSS
Base: 7.8 (as of 08-08-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
refmap via4
bid 26712
osvdb
  • 40842
  • 40843
  • 40844
sectrack 1019048
secunia 27926
sunalert
  • 103159
  • 201333
vupen ADV-2007-4098
xf sparc-enterprise-xcp-firmware-dos(38860)
Last major update 08-08-2017 - 01:29
Published 15-12-2007 - 01:46
Last modified 08-08-2017 - 01:29
Back to Top