Alias(es) | Sadmind.Weak.Authentication.TCP, Sadmind.Weak.Authentication.UDP |
Release Date | Jun 08, 2005 |
Severity | critical |
Impact | Attacker may be able to execute arbitrary commands. |
Description | Indicates a possible exploit of an administrative access vulnerability in Sun Solaris sadmind (Solstice Administration Daemon). The vulnerability may allow an attacker to gain access and execute arbitrary commands on a vulnerable system. It is caused by the default use of the insecure "AUTH_SYS" authentication mechanism. An attacker may exploit it by sending a specially crafted sequence of RPC packets to a vulnerable system. |
Affected Products | Sun Trusted Solaris 8.0 x86, Sun Trusted Solaris 8.0, Sun Trusted Solaris 7.0 x86, Sun Trusted Solaris 7.0, Sun Solaris 9.0 _x86, Sun Solaris 9.0, Sun Solaris 8.0 _x86, Sun Solaris 8.0, Sun Solaris 7.0 _x86, Sun Solaris 7.0, Sun Solaris 2.6 _x86, Sun Solaris 2.6 |
Recommended Actions | For Sun Solaris 9.0 _x86, apply the patch at http://sunsolve.sun.com/pub-cgi/findPatch.pl?patchId=116454&rev=01 and see the Sun website for patches for other Sun Solaris versions. |
Coverage | IPS, VCM |
Common Vulnerabilities and Exposures (CVE) | CVE-2003-0722 |
Reference/s | http://www.securityfocus.com/bid/8615 (BugTraq) |
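
The description attributes the issue to sadmind accepting "AUTH_SYS" credentials by default. The following added example (not the vendor's signature logic and not part of the original entry) parses an ONC RPC call header from a UDP or TCP payload and flags calls to sadmind that carry an AUTH_SYS credential. It assumes the standard sadmind program number 100232 and the RFC 5531 header layout; `build_call` only produces constructed sample headers for the check.

```python
import struct

SADMIND_PROG = 100232  # ONC RPC program number registered for sadmind
CALL = 0               # msg_type value for an RPC call
AUTH_FLAVORS = {0: "AUTH_NONE", 1: "AUTH_SYS", 2: "AUTH_SHORT", 3: "AUTH_DES"}

def parse_rpc_call(data, tcp=False):
    """Return (prog, vers, proc, flavor_name) for an RPC call, else None."""
    if tcp:
        # Over TCP a 4-byte record mark (last-fragment bit + length) comes first.
        if len(data) < 4:
            return None
        data = data[4:]
    if len(data) < 32:  # eight 32-bit words up to and including the credential length
        return None
    xid, mtype, rpcvers, prog, vers, proc, flavor, cred_len = struct.unpack(
        ">8I", data[:32])
    if mtype != CALL or rpcvers != 2:
        return None
    # RFC 5531 limits the opaque credential body to 400 bytes.
    if cred_len > 400 or len(data) < 32 + cred_len:
        return None
    return prog, vers, proc, AUTH_FLAVORS.get(flavor, f"flavor-{flavor}")

def is_weak_sadmind_call(data, tcp=False):
    """True when the payload is a sadmind call using an AUTH_SYS credential."""
    call = parse_rpc_call(data, tcp)
    return call is not None and call[0] == SADMIND_PROG and call[3] == "AUTH_SYS"

def build_call(prog, flavor, tcp=False):
    """Constructed sample: header for the NULL procedure (0), placeholder credential."""
    cred = b"\x00" * 20  # constructed placeholder body, never decoded here
    msg = struct.pack(">8I", 0x1234, CALL, 2, prog, 10, 0, flavor, len(cred)) + cred
    msg += struct.pack(">2I", 0, 0)  # AUTH_NONE verifier with empty body
    if tcp:
        msg = struct.pack(">I", 0x80000000 | len(msg)) + msg
    return msg

if __name__ == "__main__":
    samples = [("sadmind/AUTH_SYS/udp", build_call(SADMIND_PROG, 1), False),
               ("sadmind/AUTH_SYS/tcp", build_call(SADMIND_PROG, 1, True), True),
               ("sadmind/AUTH_DES/udp", build_call(SADMIND_PROG, 3), False),
               ("other-prog/AUTH_SYS", build_call(100003, 1), False)]
    for name, payload, tcp in samples:
        print(name, "->", "FLAG" if is_weak_sadmind_call(payload, tcp) else "ok")
```

A match only shows that sadmind is being called with AUTH_SYS; it does not by itself establish that the call is malicious.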