sadmind AUTH_SYS authentication vulnerability

Added: 01/09/2006 CVE: CVE-2003-0722 BID: 8615 OSVDB: 4585 Background sadmind is a service which coordinates distributed system administration operations remotely. The Sun Solstice AdminSuite runs sadmind with the AUTHSYS authentication method by default. Problem The sadmind running with the...

Sun Solstice AdminSuite ships with insecure default configuration

Overview The sadmind service provided on many Solaris and SunOS systems ships with an insecure default configuration that allows remote users to execute arbitrary commands with superuser root privileges. Description The Sun Microsystems Solstice AdminSuite is a graphical tool that allows Solaris...