Title : Sun System Firmware Local Unauthorized Data Access Vulnerability
Advisory ID : FrSIRT/ADV-2008-3047
CVE ID : GENERIC-MAP-NOMATCHCWE ID : CWE-264Rated as : Moderate Risk 
Remotely Exploitable : No
Locally Exploitable : Yes
Release Date : 2008-11-07세부설명
==========Sun System Firmware에서 로컬 공겨자가 제한된 보안을 우회할 수 있는 취약점이 발견 되었다. 이 문제는 불특정한 에러
문제 때문이며 하나의 Logical Domain(ldm) 내의 로컬 권한의 사용자가 다른 logical domain의 메모리에 접근할 수 있다.
해결책
==========Sun System Firmware versions 6.6.x
Sun System Firmware versions 7.1.x
Sun SPARC Enterprise T5140/T5240 running Sun System Firmware 7.1.3.d or 7.1.3.e
Sun Netra T5220 running Sun System Firmware 7.1.3
Sun SPARC Enterprise T5120/T5220 running Sun System Firmware 7.1.3.d or 7.1.3.e
Sun Blade T6320 running Sun System Firmware 7.1.3.d or 7.1.3.e
Sun Fire / SPARC Enterprise T2000 running Sun System Firmware 6.6.3, 6.6.4 or 6.6.5
Sun Fire / SPARC Enterprise T1000 running Sun System Firmware 6.6.3, 6.6.4 or 6.6.5
Sun Netra T2000 running Sun System Firmware 6.6.3, 6.6.4 or 6.6.5
Sun Netra CP3060 running Sun System Firmware 6.6.3, 6.6.4 or 6.6.5
Sun Blade T6300 running Sun System Firmware 6.6.3, 6.6.4 or 6.6.5
레퍼런스
==========http://www.frsirt.com/english/advisories/2008/3047
http://sunsolve.sun.com/search/document.do?assetkey=1-66-244826-1영향받는 버전
==========Apply patches :
http://sunsolve.sun.com/search/document.do?assetkey=1-66-244826-1
sH4
