CVE-2008-5099
Last modified
CVE-2008-5099 is a vulnerability of currently unknown severity. Sun Logical Domain Manager (aka LDoms Manager or ldm) 1.0 through 1.0.3 displays the value of the OpenBoot PROM (OBP) security-password variable in cleartext, which allows local users to bypass the SPARC firmware's password protection, and gain privileges or obtain data access, via the "ldm ls -l" command, a different vulnerability than CVE-2008-4992.. EPSS estimates a 0.36% chance of exploitation in the next 30 days.
Description
Sun Logical Domain Manager (aka LDoms Manager or ldm) 1.0 through 1.0.3 displays the value of the OpenBoot PROM (OBP) security-password variable in cleartext, which allows local users to bypass the SPARC firmware's password protection, and gain privileges or obtain data access, via the "ldm ls -l" command, a different vulnerability than CVE-2008-4992.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Sun | Logical Domain Manager | 1.0 | Nil |
| Sun | Logical Domain Manager | 1.0.1 | Nil |
| Sun | Logical Domain Manager | 1.0.2 | Nil |
| Sun | Logical Domain Manager | 1.0.3 | Nil |
References
- http://secunia.com/advisories/32674Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-139395-02-1Patch, Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-139396-02-1Patch, Vendor Advisory
- http://secunia.com/advisories/32674Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-139395-02-1Patch, Vendor Advisory
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-139396-02-1Patch, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2008-5099?
How severe is CVE-2008-5099?
How do I fix CVE-2008-5099?
Are you affected by CVE-2008-5099?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST