FTP Security Vulnerability May Cause a Denial of Service to Sun StorEdge 3510 Data Services



Category: Security
Release Phase: Resolved
Product: Sun StorageTek 3510 FC Array
Bug Id: 6382051
Date of Resolved Release: 15-OCT-2007


Impact

A security vulnerability in the FTP service of the Sun StorEdge 3510 FC Array controller firmware may allow a remote, unprivileged user with access to the management network to which the array's Ethernet management interface is connected to make the array unresponsive to data (I/O) services. This is a type of Denial of Service (DoS).


Contributing Factors

This issue can occur on the following platform:

  • Sun StorEdge 3510 FC Array with firmware earlier than 4.21

Note: StorEdge 3510 arrays whose Ethernet management port is not connected to a network are not affected by this issue, because the FTP service is reachable only over that interface.

To determine the firmware revision of the StorEdge 3510, run the following sccli(1M) command and read the Revision field. In the example below the value 415F denotes firmware 4.15F, which is earlier than 4.21 and therefore affected:

    sccli> show inquiry
    Vendor: SUN
    Product: StorEdge 3510
    Revision: 415F
    Peripheral Device Type: 0x0

    ...


Symptoms

Should the described issue occur, the host requesting I/O from the affected array may report timeouts for I/O requests and may eventually take the array offline.

Messages similar to the following may appear in the array event log:

    Tue Jan 24 14:03:06 2007
    [Primary]   Warning
    Memory Not Sufficient to Fully Support Current Config
    ...

Workaround

It is strongly recommended that these arrays be placed on a private management network that untrusted hosts cannot reach.

Until the firmware is upgraded, the array's FTP service can be disabled using the Sun StorEdge Command-Line Interface (sccli(1M)), or through the menu interface reached over telnet(1) or the serial port.

To disable FTP via SCCLI:

    sccli> set protocol ftp disable

then verify the status:

    sccli> show protocol
    Identifier      Status    Port  Parameters
    --------------------------------------
    telnet          enabled   23    inactivity-timeout=disabled
    http            enabled   80    n/a
    https           disabled  n/a   n/a
    ftp             disabled  n/a   n/a  <---- FTP is Disabled.
    ssh             disabled  n/a   n/a
    priagent        enabled   58632 n/a
    snmp            disabled  n/a   n/a
    dhcp            enabled   68    n/a
    ping            enabled   n/a   n/a

To disable FTP to the array via telnet/serial port:

From the main menu, select:

    View and edit Configuration parameters -> Communication Parameters -> Network Protocol Support

You will see a list of protocols and their status. From this list, select:

    FTP - Enabled

A prompt then asks whether to disable FTP; select "Yes" to disable the FTP service. The change takes effect immediately, so there is no need to reset the array.
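The two checks above (firmware revision from "show inquiry", FTP status from "show protocol") can be combined into a small script run on the management host before and after applying the workaround. The script below is an added example and is not part of the Sun Alert or of sccli itself. It assumes that the three digits at the start of the Revision field are the firmware version written as major.minor (415F = 4.15F) and that "show protocol" lists an enabled FTP service on port 21; the two sample outputs embedded in it are constructed to mirror the alert's examples rather than captured from an array, so it runs offline. On a real host you would replace the samples with the output of sccli /dev/rsd... show inquiry and show protocol.

```shell
#!/bin/sh
# Added example: decide whether a StorEdge 3510 needs the FTP workaround.
# Not from the Sun Alert or from sccli(1M).

# Constructed sample of 'sccli> show inquiry' on an affected array.
SAMPLE_INQUIRY='Vendor: SUN
Product: StorEdge 3510
Revision: 415F
Peripheral Device Type: 0x0'

# Constructed sample of 'sccli> show protocol' before the workaround
# (assumption: FTP shows as enabled on port 21 when it is on).
SAMPLE_PROTOCOL='Identifier      Status    Port  Parameters
--------------------------------------
telnet          enabled   23    inactivity-timeout=disabled
http            enabled   80    n/a
ftp             enabled   21    n/a
ssh             disabled  n/a   n/a'

# firmware_version "<show inquiry output>" -> "4.15"
# Assumption: Revision "415F" encodes 4.15 plus a patch letter.
firmware_version() {
    rev=$(printf '%s\n' "$1" |
        sed -n 's/^Revision:[[:space:]]*\([0-9][0-9][0-9]\).*/\1/p')
    [ -n "$rev" ] || return 1
    printf '%s.%s\n' "$(printf '%s' "$rev" | cut -c1)" \
                     "$(printf '%s' "$rev" | cut -c2-3)"
}

# firmware_affected "4.15" -> exit 0 if earlier than 4.21 (the fixed release)
firmware_affected() {
    major=${1%%.*}
    minor=${1#*.}
    [ "$major" -lt 4 ] || { [ "$major" -eq 4 ] && [ "$minor" -lt 21 ]; }
}

# protocol_status "<show protocol output>" ftp -> "enabled" or "disabled"
protocol_status() {
    printf '%s\n' "$1" | awk -v p="$2" '$1 == p { print $2; exit }'
}

# needs_workaround <inquiry> <protocol>
#   exit 0: firmware is affected and FTP is still enabled -> act now
#   exit 1: nothing to do (fixed firmware, or FTP already disabled)
#   exit 2: revision could not be parsed
needs_workaround() {
    ver=$(firmware_version "$1") || return 2
    firmware_affected "$ver" || return 1
    [ "$(protocol_status "$2" ftp)" = "enabled" ]
}

main() {
    ver=$(firmware_version "$SAMPLE_INQUIRY") || { echo "cannot read revision"; return 2; }
    echo "firmware: $ver"
    if needs_workaround "$SAMPLE_INQUIRY" "$SAMPLE_PROTOCOL"; then
        echo "affected firmware with FTP enabled:"
        echo "  run 'sccli> set protocol ftp disable' now, then upgrade to 4.21 (patch 113723-18 or later)"
    else
        echo "no action required"
    fi
}

main
```

After running set protocol ftp disable, feeding the new show protocol output to needs_workaround should return 1; if it still returns 0, the change did not take effect and the FTP line of show protocol should be inspected by hand.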


Resolution

This issue is addressed in the following release:

SPARC Platform

  • Sun StorEdge 3510 (FC) Array with firmware version 4.21 (as delivered in patch 113723-18 or later)





Article Details
Article ID : 201253
Article Type : Sun Alert
Last reviewed : 2007-10-15
Audience : PUBLIC