Sun Solaris sadmind vulnerability

Howard Dahdah (Computerworld)
17 September, 2003 11:58
Comments

Sun reports that a unprivileged user may be able to execute arbitrary commands with the permissions of the sadmind(1M) daemon on Solaris systems which have sadmind(1M) enabled in inetd.conf(4).

"The sadmind(1M) daemon normally runs with "root" (uid 0) privileges. If the sadmind(1M) daemon is utilizing the default security level authentication mechanism of AUTH_SYS (see secure_rpc(3NSL)), users may be able to forge AUTH_SYS credentials."

The operating systems affected are: Sun Solaris 9, Sun Solaris 8 and Sun Solaris 7.

More information is found at
http://au.sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F56740&zone_32=category%3Asecurity

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email Computerworld
Follow Computerworld on twitter

More about: CGI

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Whitepapers

Print security and the mobile workforce

Where, when, and how we work is changing. Whether your employees are working on the road without a dedicated workstation or from a home office, they need a safe way to print. Driving this shift is the accelerating adoption of smartphones, tablets, and other mobile devices. But even with these devices, printing remains a key business function for virtually all employees, and many may already be using them to print. Read more.

Featured Download

Seamonkey

Seamonkey includes an Internet browser, email and newsgroup client with an included web feed reader, HTML editor, IRC chat and web development tools. SeaMonkey will ...

Zones

Most Popular Whitepapers

Process-Driven Master Data Management for Dummies

We wrote this book to introduce you to the subject of processdriven MDM. It’s a big topic, one that far outstrips the ability of a brief book to cover. However, our hope is that by reading this book you will gain a fundamental understanding of processdriven MDM, how it works, and what it takes to make it a success in your organisation.

Popular tags: Business Management, Security, Data Centre, Storage, Master Data Management

Latest Jobs

FTSAP Basis ConsultantNSW
CCSAP PM ConsultantNSW
CCSystem Engineer - Exchange - CONTRACTSWA
FTChange Management ProfessionalsNSW
FTSAP Basis ConsultantACT
FTSenior Citrix EngineerNSW
CCAvaya Engineer - ERS 8600 4.1NSW
FTSenior Network Engineer - Cisco / Nexus / UCS / - Routing / Switching / WirelessNSW
CCSAP FICO ConsultantNT
CCOBIEE ConsultantWA
CCSystem Engineer - Lync and Exchange - CONTRACTSWA
FTTechnical Services Engineer - ShoreTel/MitelVIC
FTProduct Manager Strategist - Enterprise ApplicationsNSW
FTIT Account Manager - System Integrator - Career Progression - Start ImmediatelyNSW
FTQM Trainer and ConsultantNSW
FTSenior Network Field Engineer - Cisco R&S / Wireless SolutionsNSW
FTSenior Network Field Engineer - Cisco R&S / Wireless SolutionsNSW
FTSenior Citrix EngineerNSW
CCPC Relocation Technicians - Multiple Roles availableSA
FTiPhone App DeveloperNSW
FTiPhone Developer DeveloperNSW
FTIT Service Desk EngineerNSW
FTiPhone App DeveloperNSW
FTiPhone App DeveloperNSW
FTIT Service Desk EngineerNSW

Market Place

Sun Solaris sadmind vulnerability

Comments

Post new comment

NBN build gaining momentum daily: Quigley

Coalition NBN better or worse?

A comparison of Telstra's 4G phones

Which tablet should I buy? iPad 2 vs Sony Tablet S

Bredolab botnet author sentenced to 4 years in prison in Armenia

Untethered jailbreak for iOS 5.1.1 available for download

NBN service plans won't cost consumers more: Conroy

Microsoft at a loss over Event Viewer scam

Stallman: If you want freedom don't follow Linus Torvalds

Conroy turns the attack to Hockey

CeBIT 2012: Will NBN speed up freight delivery times?

Print security and the mobile workforce

Stopping Fake Antivirus: How to Keep Scareware off Your Network

Magic Quadrant for Enterprise Disk-Based Backup/Recovery

Virtualisation and Cloud Computing: Optimised Power, Cooling, and Management Maximises Benefits

Seamonkey

Avaya Air Cover Zone

Application Lifecycle Management

HP Converged Storage Zone

HP Business Efficiency - Money Payback Guarantee Resource Centre

The Australian Cloud

Process-Driven Master Data Management for Dummies

Business Intelligence Best Practices for Dashboard Design

Learning To Compete: IT’s Next Transformation

Seven Steps to Effective Data Governance

Guidance for Calculation of Efficiency (PUE) in Data Centers

Computerworld newsletter

Don't have an account?

Sun Solaris sadmind vulnerability

Comments

Post new comment

Computerworld newsletter