-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDEFENSE Security Advisory 09.16.03:
http://www.idefense.com/advisory/09.16.03.txt
Remote Root Exploitation of Default Solaris sadmind Setting
September 16, 2003
I. BACKGROUND
Solstice AdminSuite is a set of tools packaged by Sun Microsystems Inc.
Hasn't there always been a warning in the sadmind man page about security
levels less than 3? I'm not sure this exploit is newsworthy.
[d]
On Tue, 16 Sep 2003, iDEFENSE Labs wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
iDEFENSE Security Advisory 09.16.03:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It's news worthy. This vulnerability has been privately exploited for
at least 7 years. Most Solaris machines that have sadmin open are exploitable.
It's a shame to see an excellent vulnerability such as this finally
be made public.
Hasn't there
It's news worthy. This vulnerability has been privately exploited for
at least 7 years. Most Solaris machines that have sadmin open are exploitable.
It's a shame to see an excellent vulnerability such as this finally
be made public.
Kind of like idiot admins leaving null sessions enabled
In some mail from [EMAIL PROTECTED], sie said:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It's news worthy. This vulnerability has been privately exploited for
at least 7 years. Most Solaris machines that have sadmin open are
exploitable.
It's a shame to see an excellent