sadmind: sadmind, a Solstice administrator support program, can
be exploited through a buffer overflow attack. Some patched
versions may also be exploitable.
A remote intruder can execute commands as root if the buffer overflow
attack is successful.
The sadmind program (especially on Solaris 2.4, 2.5.x and 2.6)
is exploitable for remote root access. Vulnerable versions are subject to
a buffer overflow attack in which a well-crafted pattern could execute
arbitrary commands as the root user.
- Where possible, disable sadmind in the inetd.conf file.
- Otherwise, patch the system to a version that is not vulnerable to
the buffer overflow attack. However, there are reports that even patched
versions may be vulnerable.
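
One way to carry out the first step above, as an added example that is not part of the original advisory: the script lists active sadmind entries in an inetd.conf and prints a copy with them commented out. The function names, the sample file contents and the RPC program number 100232 (taken from the default Solaris entry) are assumptions.

```shell
#!/bin/sh
# Added example (not from the original page): audit an inetd.conf for active
# sadmind entries and emit a copy with them commented out.
# Assumption: sadmind is registered under RPC program number 100232, as in the
# default Solaris entry; adjust if your file differs.

# sadmind_filter MODE FILE
#   MODE=list    -> print only active (uncommented) sadmind entries
#   MODE=disable -> print the whole file with those entries commented out
sadmind_filter() {
    awk -v mode="$1" '
        /^[ \t]*#/ { if (mode == "disable") print; next }   # already a comment
        {
            hit = (substr($1, 1, 7) == "100232/")            # RPC program field
            for (i = 1; i <= NF && !hit; i++) {              # or a sadmind path/argv0
                n = split($i, part, "/")
                if (part[n] == "sadmind") hit = 1
            }
            if (mode == "list") { if (hit) print; next }
            prefix = hit ? "#" : ""
            print prefix $0
        }' "$2"
}

# Constructed sample input in Solaris inetd.conf layout.
make_sample() {
    cat <<'EOF'
# constructed sample, not taken from a real host
ftp stream tcp nowait root /usr/sbin/in.ftpd in.ftpd
100232/10 tli rpc/udp wait root /usr/sbin/sadmind sadmind
#100232/10 tli rpc/udp wait root /usr/sbin/sadmind sadmind
EOF
}

# Demo: report active entries, then show the hardened file.
conf=$(mktemp) && make_sample > "$conf"
echo "Active sadmind entries:"; sadmind_filter list "$conf"
echo "Hardened copy:";          sadmind_filter disable "$conf"
rm -f "$conf"
```

After the hardened copy replaces the live file, inetd has to reread its configuration (it does so on SIGHUP) before the change takes effect.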
See the CA-99-16 advisory on this topic.