OSVDB ID: 86393

Title: Oracle Multiple SPARC Product Integrated Lights Out Manager CLI Subcomponent Unspecified Local Information Disclosure

Info

Disclosure

Oct 16, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Oct 16, 2012

Description

Multiple Oracle SPARC products contain a flaw that may lead to an unauthorized information disclosure. This issue is triggered when an unspecified error occurs in the Integrated Lights Out Manager CLI subcomponent. This may allow a local attacker to gain access to potentially sensitive information.

Classification

Location: Local Access Required
Attack Type: Information Disclosure
Impact: Loss of Confidentiality
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified, Coordinated Disclosure
OSVDB: Authentication Required

Solution

Currently, there are no known workarounds or upgrades to correct this issue. However, Oracle has released a patch to address this vulnerability. Check the vendor advisory in the references section.

Products

Oracle Corporation	SPARC T3-1	8.2.0.a
	SPARC T3-2	8.2.0.a
	SPARC T3-4	8.2.0.a
	SPARC T3-1B	8.2.0.a
	Netra SPARC T3-1	8.2.0.a
	Netra SPARC T3-1B	8.2.0.a
	SPARC T4-1	8.2.0.a
	SPARC T4-2	8.2.0.a
	SPARC T4-4	8.2.0.a
	SPARC T4-1B	8.2.0.a
	Netra SPARC T4-1	8.2.0.a
	Netra SPARC T4-2	8.2.0.a
	Netra SPARC T4-2B	8.2.0.a

References

CVE ID: 2012-3206 (see also: NVD)
Secunia Advisory ID: 51018
Vendor Specific Advisory URL: http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/86393

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Oracle Corporation

SPARC T3-1

SPARC T3-2

SPARC T3-4

SPARC T3-1B

Netra SPARC T3-1

Netra SPARC T3-1B

SPARC T4-1

SPARC T4-2

SPARC T4-4

SPARC T4-1B

Netra SPARC T4-1

Netra SPARC T4-2

Netra SPARC T4-2B

References

Credit