Sadmind Version


Summary

sadmind: A Solstice administrator support program, sadmind can be exploited through a buffer overflow attack. Possibly, some patched versions are exploitable.

Impact

A remote intruder can execute commands as root if the buffer overflow attack is successful.

The problem

The sadmind program (especially Solaris 2.4, 2.5.x and 2.6) is exploitable for remote root access. Versions are vulnerable to a buffer overflow attack where a well crafted pattern could execute arbitrary commands as the root user.

Fix

Other tips

CVE Reference(s):