Sun Fire Unauthorized Environmental Monitoring Subsystem Modification Vulnerability

Sun Fire Unauthorized Environmental Monitoring Subsystem Modification Vulnerability

Sun Fire products are general purpose server hardware platforms which can be used for a variety of applications. Some Sun Fire systems include an environmental monitoring subsystem which provides feedback on the device.

It may be possible for a malicious, unprivileged local user to issue commands to the environmental monitoring system, creating a denial of service condition.

This vulnerability has been reported in Sun Fire 280R, V880, and V480 systems used with Solaris 8. Reportedly, Solaris 9 does not suffer from this issue.