OVAL Repository - View Definition: oval:org.mitre.oval:def:1273

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:1273		Version: 5 Last Modified: 2010-09-02
Title:	Solaris SAdmin Client Credentials Remote Administrative Access Vulnerability
Description:	The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2003-0722
Platform(s):	Sun Solaris 7 Sun Solaris 8 Sun Solaris 9	Product(s):	Sadmin
Definition Synopsis:
Software section Solaris 7,8,or 9 installed Solaris 8 Installed OR Solaris 7 Installed OR Solaris 9 Installed AND System and Network Administration Framework Installed AND NOT Patch 116457-02 or later installed AND NOT Patch 116442-01 or later installed AND NOT Patch 116454-01 or later installed AND Configuration section inetd running AND inetd.conf contains sadmind AND NOT Sadmin called using strong authentication

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest