=====================================================================
                                  CERT-Renater

                       Information Note No. 2005/VULN289
_____________________________________________________________________

DATE                      : 09/05/2005

HARDWARE PLATFORM(S)      : Sun StorEdge 6130 arrays.

OPERATING SYSTEM(S)       : Systems running on Sun StorEdge 6130 Arrays.

======================================================================

Sun(sm) Alert Notification
      * Sun Alert ID: 57771
      * A Limited Number of Sun StorEdge 6130 Arrays May be Vulnerable to
        Unauthorized Access
      * Category: Security
      * Product: Sun StorEdge 6130 Array (SE6130)
      * BugIDs: 6244556
      * Avoidance: Workaround
      * State: Resolved
      * Date Released: 05-May-2005
      * Date Closed: 05-May-2005
      * Date Modified:

    1. Impact

    A local or remote unprivileged user may be able to gain
    unauthorized access to a limited number of Sun StorEdge 6130 arrays
    (SE6130). With this access, the user could delete data on the array.

    2. Contributing Factors

    This issue can occur on the following platform:

      * Sun StorEdge 6130 arrays with a serial number in the range of
        0451AWF00G - 0513AWF00J

    Notes:

     1. The described issue only affects Controller Arrays. Expansion
        trays are not affected.
     2. SE6130 Controller Arrays with serial numbers outside the range
        above are not impacted by this issue.

    The Sun StorEdge Configuration Service (SSCS) commands can be used to
    determine the serial number of a Sun StorEdge 6130 array as shown in
    the example below:

    1. Log in to SSCS using the sscs(1M) command-line utility:

     % /opt/se6x20/cli/bin/sscs login -h <management_host_name> -u <user>


    2. To list the array(s) managed by this management host:

     % /opt/se6x20/cli/bin/sscs list array
     Array: SE6130-1
     Array: SE6130-2
     Array: SE6130-3

    3. To list the details (including the serial number) of each array:

     % /opt/se6x20/cli/bin/sscs list array <array_name>
     Array:
     Serial Number:             SUN.54062390100.0428AWF006
     Firmware Version:          06.12.03.10
     Array WWN:                 60:0A:0B:80:00:16:AB:12:00:00:00:00:41:23:4B:E2
     Node WWN:                  20:04:00:A0:B8:16:AB:12
     Default Host Type:         Solaris (with Traffic Manager)
     Default Cache Block Size:  16384
     Default Cache Start %:     80
     Default Cache Stop %:      80
     Disk Scrubbing:            30 days
     Failover Alert Delay:      5 minutes
     Hot Spare Pool Disks:      1
     Health                     OK
     Tray ID:                   1
     Host:                      host 1
     Pool:                      Pool 1-1
     Pool:                      Pool 2
     Pool:                      Pool 3
     Pool:                      Pool 1
     Pool:                      Default
     %

    4. Log out of SSCS:

     % /opt/se6x20/cli/bin/sscs logout
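
    The serial-number check from the steps above, as an added example (not
    part of the Sun Alert and not the Sun utility it mentions): a shell helper
    that extracts the serial from `sscs list array <array_name>` output and
    tests it against the affected range. It assumes the range applies to the
    last dot-separated field of the serial, endpoints included, compared in
    byte order; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from Sun or CERT-Renater.
# ASSUMPTIONS: the range applies to the last dot-separated field of the
# "Serial Number:" line, endpoints included, compared as a fixed-width
# 10-character string in byte order. Function names are hypothetical.
RANGE_LOW=0451AWF00G
RANGE_HIGH=0513AWF00J

# Print the last dot-separated field of the Serial Number line read on stdin.
serial_from_details() {
    awk -F: '/^[ \t]*Serial Number[ \t]*:/ {
        gsub(/[ \t\r]/, "", $2)        # drop column padding
        n = split($2, part, "[.]")     # SUN.<digits>.<serial field>
        print part[n]
        exit
    }'
}

# Print AFFECTED, NOT_AFFECTED or UNKNOWN for one serial field.
serial_status() {
    # Anything that is not 10 upper-case alphanumerics cannot be compared
    # safely, so flag it for manual review instead of guessing.
    if ! printf '%s\n' "$1" | LC_ALL=C grep -Eq '^[0-9A-Z]{10}$'; then
        echo UNKNOWN
    # sort -c succeeds only if low <= serial <= high in byte order.
    elif printf '%s\n' "$RANGE_LOW" "$1" "$RANGE_HIGH" |
            LC_ALL=C sort -c 2>/dev/null; then
        echo AFFECTED
    else
        echo NOT_AFFECTED
    fi
}

# Read `sscs list array <array_name>` output on stdin; print "<serial> <status>".
check_details() {
    serial=$(serial_from_details)
    echo "${serial:-none} $(serial_status "$serial")"
}

# Constructed sample: the advisory's example output, trimmed to three lines.
check_details <<'EOF'
 Array:
 Serial Number:             SUN.54062390100.0428AWF006
 Firmware Version:          06.12.03.10
EOF
# Against a live management host (after `sscs login`), once per array:
#   /opt/se6x20/cli/bin/sscs list array SE6130-1 | check_details
```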

    3. Symptoms

    There are no predictable symptoms that would indicate the
    described issue has been exploited.

    Solution Summary

    4. Relief/Workaround

    There is no workaround. Please see the
    "Resolution" section below.

    5. Resolution

    Customers with an array that falls within the serial
    number range defined above should contact their Sun authorized service
    provider and reference this Sun Alert to obtain a utility which will
    resolve this issue.

    This Sun Alert notification is being provided to you on an "AS IS"
    basis. This Sun Alert notification may contain information provided by
    third parties. The issues described in this Sun Alert notification may
    or may not impact your system(s). Sun makes no representations,
    warranties, or guarantees as to the information contained herein. ANY
    AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
    WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
    NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT
    YOU ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT,
    INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE
    OUT OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN.
    This Sun Alert notification contains Sun proprietary and confidential
    information. It is being provided to you pursuant to the provisions of
    your agreement to purchase services from Sun, or, if you do not have
    such an agreement, the Sun.com Terms of Use. This Sun Alert
    notification may only be used for the purposes contemplated by these
    agreements.

    Copyright 2000-2005 Sun Microsystems, Inc., 4150 Network Circle, Santa
    Clara, CA 95054 U.S.A. All rights reserved.

======================================================================

         =========================================================
         CERT-Renater reference servers
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================


