Broadcom Information for VU#512705
Broadcom NetXtreme management firmware ASF buffer overflow
- Vendor Information Help Date Notified:
- Statement Date: 15 Mar 2010
- Date Updated: 25 Mar 2010
Status
Affected
Vendor Statement
Affected devices are only vulnerable when Secure ASF (RMCP/RSP) manageability
is enabled on the platform , which may not be the typical default system
configuration.
Affected devices and the latest vulnerable management firmware version are:
BCM5751, BCM5752, BCM5753, BCM5754, BCM5755, BCM5756, BCM5764, BCM5787: v8.04
BCM57760: v8.07
BCM5761: v1.24.0.9
[...]
Updated versions of management firmware for all affected devices is now
available to PC OEMs as part of the Broadcom NetXtreme 14.0 software release.
[...]
Available work-arounds include: disabling the management firmware and/or Secure
ASF (RSP) support and blocking UDP port 664 traffic from unauthorized sources
in enterprise firewalls.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Vendor References
None
Addendum
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.
View Notes By
Report a Vulnerability
Please use the Vulnerability Reporting Form to report a vulnerability. Alternatively, you can send us email. Be sure to read our vulnerability disclosure policy.