Sadmind Version


sadmind: A Solstice administrator support program, sadmind can be exploited through a buffer overflow attack. Possibly, some patched versions are exploitable.


A remote intruder can execute commands as root if the buffer overflow attack is successful.

The problem

The sadmind program (especially Solaris 2.4, 2.5.x and 2.6) is exploitable for remote root access. Versions are vulnerable to a buffer overflow attack where a well crafted pattern could execute arbitrary commands as the root user.


Other tips

CVE Reference(s):