Sadmind Version
Summary
sadmind, the Solstice administrator support program, can be exploited
through a buffer overflow attack. Some patched versions may also be
exploitable.
Impact
A remote intruder can execute commands as root if the buffer overflow
attack is successful.
The problem
The sadmind program (particularly on Solaris 2.4, 2.5.x and 2.6) is
exploitable for remote root access. Affected versions are vulnerable to a
buffer overflow attack in which well-crafted input could execute arbitrary
commands as the root user.
Fix
- Where possible, disable sadmind in the inetd.conf file.
- Otherwise, patch the system to a version that is not vulnerable to
the buffer overflow attack. However, there are reports that even patched
versions may be vulnerable.
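The following script is an added example, not part of the advisory or of any Sun-supplied tooling, showing how an administrator can verify whether sadmind is still enabled in inetd.conf and comment the entry out in a portable way (no GNU sed -i, which Solaris 2.x lacks). It assumes the standard Solaris entry format, in which sadmind is registered under RPC program number 100232 ("100232/10 tli rpc/udp wait root /usr/sbin/sadmind sadmind"); the config path is taken as an argument so the functions can be exercised on a copy before touching /etc/inetd.conf.

```shell
#!/bin/sh
# Added example (not from the advisory): detect and disable the sadmind
# entry in a Solaris-style inetd.conf. Assumes the stock entry
#   100232/10 tli rpc/udp wait root /usr/sbin/sadmind sadmind
# Defaults to /etc/inetd.conf when no path is given.

# Print every active (uncommented) sadmind entry.
# Exit status 0 means sadmind is still enabled, 1 means it is disabled.
sadmind_enabled() {
    conf="${1:-/etc/inetd.conf}"
    grep -v '^[[:space:]]*#' "$conf" | grep 'sadmind'
}

# Comment out every active sadmind entry. A copy of the original file
# is kept as <conf>.bak so the change can be reviewed or reverted.
disable_sadmind() {
    conf="${1:-/etc/inetd.conf}"
    cp "$conf" "$conf.bak" || return 1
    # Prefix lines that do not already start with '#' and mention sadmind.
    sed 's/^\([^#].*sadmind.*\)$/#\1/' "$conf.bak" > "$conf"
}

# inetd only re-reads its configuration on SIGHUP; call this (as root)
# after disable_sadmind on the live /etc/inetd.conf. Not run by the checks
# below, which operate on a copy of the file.
reload_inetd() {
    pid=$(ps -e | awk '$4 == "inetd" { print $1 }')
    [ -n "$pid" ] && kill -HUP $pid
}
```

Run `sadmind_enabled` first: a non-empty result means the daemon is still reachable through inetd. After `disable_sadmind /etc/inetd.conf`, diff the file against the .bak copy, then `reload_inetd` so the running inetd drops the service.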
Other tips
CERT released advisory CA-99-16 on this topic.
CVE Reference(s):