Sun Fire X2100/X2200 M2 Servers ELOM Software is Vulnerable to Arbitrary Command Execution



Category : Availability, Security
Release Phase : Resolved
Product : Sun Fire X2100 M2 Server, Sun Fire X2200 M2 Server
Bug Id : 6502439
Date of Resolved Release : 29-OCT-2007


Impact

A security vulnerability in the Sun Fire X2100 M2 and X2200 M2 Embedded Lights Out Manager (ELOM) software may allow remote unprivileged users to execute arbitrary commands with root privileges on the embedded Service Processor (SP).


Contributing Factors

This issue can occur on the following platforms:

x86 Platform

  • Sun Fire X2100/X2200 M2 Servers without SP/BMC firmware version 2.70 (or later)

Notes:

  1. No other x64 systems are affected by this issue.
  2. The SPARC platform is not affected by this issue.

To determine the firmware version of the SP, the ipmitool(1M) utility can be run as in the following example:

    $ ipmitool -H <hostname> -U <username> mc info
    Device ID                 : 5
    Device Revision           : 0
    Firmware Revision         : 2.91
    IPMI Version              : 2.0

or the following command can be used at the CLI (logged in to the SP):

    /SP -> show /SP/AgentInfo
    /SP/AgentInfo
    ...
    Properties:
        HWVersion = 0
        FWVersion = 3.09
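
The check above can be scripted when many SPs need to be audited. The following is an added example, not part of the Sun Alert: it extracts the firmware version from either command's output and compares it with the 2.70 fix level. The function names and the 2.60 sample output are constructed, and it assumes versions are printed as MAJOR.MINOR with a two-digit minor, as in the samples above.

```shell
#!/bin/sh
# Added example (not from the advisory): classify SP firmware against the 2.70 fix.
FIXED_MAJOR=2
FIXED_MINOR=70

# Print the first firmware version found on stdin. Accepts both formats shown in
# the advisory: "Firmware Revision : X.YY" (ipmitool), "FWVersion = X.YY" (SP CLI).
fw_revision() {
    sed -n \
        -e 's/^[[:space:]]*Firmware Revision[[:space:]]*:[[:space:]]*\([0-9.]*\).*/\1/p' \
        -e 's/^[[:space:]]*FWVersion[[:space:]]*=[[:space:]]*\([0-9.]*\).*/\1/p' |
        head -n 1
}

# Print "fixed", "affected" or "unknown" for a version string.
# Assumption: MAJOR.MINOR with a two-digit minor; anything else is "unknown"
# so that an unparsable reply is never silently reported as fixed.
fw_status() {
    major=${1%%.*}
    minor=${1#*.}
    case "$major" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    case "$minor" in [0-9][0-9]) ;; *) echo unknown; return 0 ;; esac
    if [ "$major" -gt "$FIXED_MAJOR" ] ||
       { [ "$major" -eq "$FIXED_MAJOR" ] && [ "$minor" -ge "$FIXED_MINOR" ]; }; then
        echo fixed
    else
        echo affected
    fi
}

# Read command output on stdin and classify it.
classify() {
    fw_status "$(fw_revision)"
}

# Constructed sample: mc info output from an SP below the fixed release.
sample_affected() {
    cat <<'EOF'
Device ID                 : 5
Device Revision           : 0
Firmware Revision         : 2.60
IPMI Version              : 2.0
EOF
}

# Real use: ipmitool -H <hostname> -U <username> mc info | classify
```

An "unknown" result means the version could not be read and the SP should be checked by hand.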

Symptoms

There are no reliable symptoms that would indicate this issue has been exploited.


Workaround

To prevent this issue from occurring, administrators can restrict access to the SP by either connecting only via the serial port or by connecting the Net Mgmt RJ-45 Ethernet port to a private management network.

Additional information regarding management of the Sun Fire X2100/X2200 M2 Servers, ELOM, and ipmitool(1M) can be found in the "Embedded Lights Out Manager Administration Guide" at:

http://docs.sun.com/source/819-6588-13/


Resolution

This issue is addressed in the following releases:

  • Sun Fire X2100 M2 Server with firmware version 2.70 from the 1.3 "Tools and Drivers" CD (or later) ISO image available at:

http://www.sun.com/servers/entry/x2100/downloads.jsp

  • Sun Fire X2200 M2 Server with firmware version 2.70 from the 1.3 "Tools and Drivers" CD (or later) ISO image available at:

http://www.sun.com/servers/x64/x2200/downloads.jsp






Attachments
This solution has no attachment

 
 
Article Details
Article ID : 200667
Article Type : Sun Alert
Last reviewed : 2007-10-29
Audience : PUBLIC