Note: This is an archival copy of Security Sun Alert 249126 as previously published on http://sunsolve.sun.com.|
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1019926.1.
Sun SPARC Enterprise M4000 Server
Sun SPARC Enterprise M5000 Server
Date of Resolved Release
Incorrect software setting prior to shipping on certain Sun SPARC M4000/M5000 servers may allow unauthorized access
Due to incorrect software settings prior to shipping on certain Sun SPARC
2. Contributing Factors
This issue can occur on the following platforms:
XSCF> showhardconfSerial number breakdown to determine affected weeks:
PPMYYWWSSSIn the example above, serial number BCF084604T indicates it is from week 46 of 2008.
If the described issue occurs, the OBP Banner or Browser User Interface (BUI) may display a non-Sun brand.
Another symptom can be seen when typing the keyboard sequence <tab><tab> at the XSCF prompt with the current user in "Normal" mode. This sequence will display a list of all available commands. If the command "enablecodboard" is present in the list, the described issue has been experienced.
There is no workaround for this issue. Please see the Resolution below.
If you believe you have an affected system, a Sun Service Request needs to be opened to correct the manufacturing settings.
Typically this issue can be fixed using Shared Shell (see: http://www.sun.com/service/sharedshell/).
For more information on Security Sun Alerts, see 1009886.1.
Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.
19-Jan-2009: Updated Impact section.
This solution has no attachment