Release date:
Updated on:
Affected Systems:
Oracle Sun Integrated Lights Out Manager (ILOM) 3.x
Oracle Sun System Firmware (SysFW) 8.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 48653
Cve id: CVE-2011-2263, CVE-2011-2307, CVE-2011-2288
Sun Integrated Lights Out Manager (ILOM) is a service processor (SP) architecture.
Sun Integrated Lights Out Manager has a security vulnerability in the implementation of specially crafted SSH requests. Remote attackers can exploit this vulnerability to leak sensitive information and control affected devices.
<* Source: Oracle
Link: http://secunia.com/advisories/45312/
Http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Oracle
------
Oracle has released a Security Bulletin (cpujuly2011-313328) and patches for this:
Cpujuly2011-313328: Oracle Critical Patch Update Advisory-July 2011
Link: http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html