Note: This is an archival copy of Security Sun Alert 201253 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000937.1.
Article ID : 1000937.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2007-10-14
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

FTP Security Vulnerability May Cause a Denial of Service to Sun StorEdge 3510 Data Services
Category
Security

Release Phase
Resolved

Product
Sun StorageTek 3510 FC Array

Bug Id
6382051

Date of Resolved Release
15-OCT-2007

Impact

A security vulnerability in the firmware FTP service of the Sun StorEdge 3510 FC Array may allow a remote unprivileged user with access to the management network to which the array's management Ethernet interface is connected to make the array unresponsive to data services. This is a type of Denial of Service (DoS).


Contributing Factors

This issue can occur on the following platform:

  • Sun StorEdge 3510 with firmware earlier than 4.21

Note: StorEdge 3510 arrays that are not connected to a network via the Ethernet port are not affected by this issue.

To determine the firmware revision on the StorEdge 3510, the following sccli(1M) command can be run:

    sccli> show inquiry
    Vendor: SUN
    Product: StorEdge 3510
    Revision: 415F
    Peripheral Device Type: 0x0

    ...


Symptoms

Should the described issue occur, the host requesting I/O services from the affected array may report timeouts for I/O requests and may eventually take the array offline.

Messages similar to the following may appear in the array event log:

    Tue Jan 24 14:03:06 2007
    [Primary]   Warning
    Memory Not Sufficient to Fully Support Current Config
    ...

Workaround

It is strongly recommended that these arrays be placed on a private management network.

The FTP service to the array can be disabled using the Sun StorEdge Command-Line Interface (sccli(1M)), telnet(1), or serial port.

To disable FTP via SCCLI:

    sccli> set protocol ftp disable

then verify the status:

    sccli> show protocol
    Identifier      Status    Port  Parameters
    --------------------------------------
    telnet          enabled   23    inactivity-timeout=disabled
    http            enabled   80    n/a
    https           disabled  n/a   n/a
    ftp             disabled  n/a   n/a  <---- FTP is Disabled.
    ssh             disabled  n/a   n/a
    priagent        enabled   58632 n/a
    snmp            disabled  n/a   n/a
    dhcp            enabled   68    n/a
    ping            enabled   n/a   n/a

To disable FTP to the array via telnet/serial port:

From the main menu, select:

    View and edit Configuration parameters -> Communication Parameters -> Network Protocol Support

You will see a list of protocols and their status. From this list, select:

    FTP - Enabled

and a message will prompt you to select "Yes" or "No" to disable FTP. Select "Yes" to disable FTP to the array. The array does not need to be reset for this change to take effect.
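The two checks above (the firmware revision from "show inquiry" and the FTP status from "show protocol") can be automated by parsing saved sccli(1M) output, which is useful when auditing several arrays. The following Python script is an added example and is not part of this Sun Alert or of any Sun/Oracle tool. The sample outputs are constructed from the transcripts shown in this advisory, and the script assumes that a revision string such as "415F" means firmware 4.15 with revision letter F, so that anything below 4.21 is treated as affected.

```python
import re

# Constructed sample output, modelled on the "show inquiry" transcript in the advisory.
SAMPLE_INQUIRY = """\
Vendor: SUN
Product: StorEdge 3510
Revision: 415F
Peripheral Device Type: 0x0
"""

# Constructed sample output, modelled on the "show protocol" transcript in the advisory.
SAMPLE_PROTOCOL = """\
Identifier      Status    Port  Parameters
--------------------------------------
telnet          enabled   23    inactivity-timeout=disabled
http            enabled   80    n/a
https           disabled  n/a   n/a
ftp             disabled  n/a   n/a
ssh             disabled  n/a   n/a
priagent        enabled   58632 n/a
snmp            disabled  n/a   n/a
dhcp            enabled   68    n/a
ping            enabled   n/a   n/a
"""

# Firmware release that addresses the issue, per the Resolution section.
FIXED_FIRMWARE = (4, 21)


def parse_revision(inquiry_text):
    """Return (major, minor, suffix) from the 'Revision:' line of show inquiry.

    Assumption: the first digit is the major version and the next two digits
    the minor version, so '415F' is firmware 4.15 with revision letter F.
    """
    m = re.search(r"^\s*Revision:\s*(\d)(\d{2})([A-Za-z]?)\s*$", inquiry_text, re.M)
    if not m:
        raise ValueError("no Revision line found in show inquiry output")
    return int(m.group(1)), int(m.group(2)), m.group(3).upper()


def firmware_is_affected(inquiry_text):
    """True when the reported firmware is earlier than the fixed release."""
    major, minor, _ = parse_revision(inquiry_text)
    return (major, minor) < FIXED_FIRMWARE


def parse_protocols(protocol_text):
    """Parse show protocol output into a {identifier: status} mapping.

    The header and dashed separator lines are skipped because their second
    column is not 'enabled' or 'disabled'.
    """
    statuses = {}
    for line in protocol_text.splitlines():
        parts = line.split()
        if len(parts) >= 2 and parts[1] in ("enabled", "disabled"):
            statuses[parts[0]] = parts[1]
    return statuses


def ftp_is_disabled(protocol_text):
    """True only when the ftp service is explicitly reported as disabled."""
    return parse_protocols(protocol_text).get("ftp") == "disabled"


def assess(inquiry_text, protocol_text):
    """Combine both checks into a single verdict for one array."""
    if not firmware_is_affected(inquiry_text):
        return "not-affected"
    if ftp_is_disabled(protocol_text):
        return "affected-mitigated"
    return "affected-exposed"


if __name__ == "__main__":
    print("firmware:", parse_revision(SAMPLE_INQUIRY))
    print("ftp disabled:", ftp_is_disabled(SAMPLE_PROTOCOL))
    print("verdict:", assess(SAMPLE_INQUIRY, SAMPLE_PROTOCOL))
```

An array that reports "affected-exposed" still has the vulnerable FTP service reachable and should either have FTP disabled as described above or be upgraded to firmware 4.21; "affected-mitigated" means the workaround is in place but the firmware upgrade is still outstanding.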


Resolution

This issue is addressed in the following release:

SPARC Platform

  • Sun StorEdge 3510 (FC) Array with firmware version 4.21 (as delivered in patch 113723-18 or later)


References

113723-18
