Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Technology / Systems

Systems

Sun Microsystems Ships Pre-Hacked SPARC Servers

The company makes hackers' lives much easier

By Bogdan Botezatu, Hardware Editor

28th of March 2008, 08:11 GMT

Adjust text size:


Sun's servers have been shipped with a hacker-friendly operating system
Enlarge picture
Sun has just confirmed that it has shipped batches of its SPARC Enterprise T5120 and T5220 servers pre-installed with disk images that pose security vulnerabilities. According to the security report published
by the server vendor, the worst-case scenario would allow a remote attacker to hijack the machine and gain control over the server.

Despite the fact that the security alert is dated February 12, security vendors only revealed it late this week. According to Sun, the shipped servers were pre-installed with an "incorrect Solaris 10 image."

"Sun SPARC Enterprise T5120 and T5220 servers with datecode prior to BEL07480000 have been mistakenly shipped with factory settings in the pre-installed Solaris 10 OS image," Sun said in the advisory. "These settings may allow a local or remote user to be able to execute arbitrary commands with the privileges of the root (uid 0) user."

Once the remote hacker gets root-user privileges on the server, they can perform a broad range of tasks, including file editing, deletion or copying to a remote FTP server. More than that, once the server is hijacked, it can be used in order to spread malware, in order to steal users' confidential information.

According to Symantec analyst Anthony Roe, there are only a few details available about this issue. Sun only released essential information. Sun released the essential guidelines that allow users figure out whether their systems are affected by the issue, as well as the methods to lock the servers down if they are exposed.

"If you are running [one of these servers], you need to review the vulnerability alert and apply the configuration changes that the vendor recommends," advised Roe.

The Enterprise T5120 and T5220 servers are targeted at the enterprise segment, and come with price tags of $14,000 and $15,000, respectively. Built with Sun's UltraSPARC T2 chips, the systems are running Solaris 10 as the pre-installed operating system.

Sun refused to detail on how the buggy servers managed to pass the final quality control checks.

TAGS:

 Sun | UltraSPARC | Solaris 10 | Server | security


Rating:
Fair (2.2/5) 7 vote(s) so far    

Read by 0 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Intel, AMD, Nvidia, Sun Slammed With Patent Infringement Lawsuit

World's Second Most Powerful Supercomputer to Untangle the Mysteries of Universe

IBM Launches Mainframe Computer, Gears Up for Hybrid CPUs

China Universities Join Sun's SPARC Partnership Program

Sungjut TangoX Nano UMPC, Built on Via's NanoBook Platform: Eee PC Checkmate?

Dell Unveils Die-Hard Notebook: Should We Pour Water on It, Or Smash It to the Ground?

Intel Will Ship Six-Core Xeons Later This Year

AMD Appoints ex-Sun VP as Chief Marketing Officer

Sun Gets Pentagon's Money for Laser-Based Chip Interconnects

Sun's Executive VP Jumps into Juniper Networks' Bandwagon

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive