Published: 22/09/2003 Updated: 11/10/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote malicious users to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.

Vulnerable Product	Search on Vulmon	Subscribe to Product
sun solaris

#!/usr/bin/perl -w ################## ## # Title: rootdownpl # Purpose: Solaris Remote command executiong via sadmind # Author: H D Moore hdm at metasploitcom # Copyright: Copyright (C) 2003 METASPLOITCOM ## use strict; use POSIX; use IO::Socket; use IO::Select; use Getopt::Std; my $VERSION = "10"; my %opts; getopts("h: ...

## # $Id: sadmind_execrb 9583 2010-06-22 19:11:05Z todb $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Meta ...

NVD-CWE-Other http://www.idefense.com/advisory/09.16.03.txt http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0115.html http://www.kb.cert.org/vuls/id/41870 http://www.ciac.org/ciac/bulletins/n-148.shtml http://www.securityfocus.com/bid/8615 http://secunia.com/advisories/9742 http://sunsolve.sun.com/search/document.do?assetkey=1-26-56740-1&searchclause=security http://marc.info/?l=bugtraq&m=106391959014331&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1273 https://nvd.nist.gov https://www.exploit-db.com/exploits/101/https://www.kb.cert.org/vuls/id/41870

CVE-2003-0722

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect