CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.7%
Added: 01/09/2006
CVE: CVE-2003-0722
BID: 8615
OSVDB: 4585
**sadmind**
is a service which coordinates distributed system administration operations remotely. The Sun Solstice AdminSuite runs **sadmind**
with the **AUTH_SYS**
authentication method by default.
The **sadmind**
running with the **AUTH_SYS**
authentication method allows remote attackers to execute arbitrary commands.
If the **sadmind**
service is not needed, disable it service by commenting the line beginning with “100232” out of **/etc/inetd.conf**
, and restarting the inetd process. Otherwise, install the patches referenced in Sun Alert 56740.
<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=6>
SunOS