ID CVE-2008-3870
Summary Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:8.0:-:sparc
    cpe:2.3:o:sun:solaris:8.0:-:sparc
  • cpe:2.3:o:sun:solaris:8.0:-:x86
    cpe:2.3:o:sun:solaris:8.0:-:x86
  • cpe:2.3:o:sun:solaris:9.0:-:sparc
    cpe:2.3:o:sun:solaris:9.0:-:sparc
  • cpe:2.3:o:sun:solaris:9.0:-:x86
    cpe:2.3:o:sun:solaris:9.0:-:x86
CVSS
Base: 10.0 (as of 26-05-2009 - 20:25)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
NASL family Solaris Local Security Checks
NASL id SOLARIS8_116455.NASL
description SunOS 5.8: Solaris sadmind default securit. Date this patch was last updated by Sun : Feb/06/04
last seen 2018-09-01
modified 2016-12-09
plugin id 13405
published 2004-07-12
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=13405
title Solaris 8 (sparc) : 116455-01
oval via4
accepted 2010-09-20T04:00:32.984-04:00
class vulnerability
contributors
  • name Pai Peng
    organization Hewlett-Packard
  • name Jonathan Baker
    organization The MITRE Corporation
definition_extensions
  • comment Solaris 8 (SPARC) is installed
    oval oval:org.mitre.oval:def:1539
  • comment Solaris 9 (SPARC) is installed
    oval oval:org.mitre.oval:def:1457
  • comment Solaris 8 (x86) is installed
    oval oval:org.mitre.oval:def:2059
  • comment Solaris 9 (x86) is installed
    oval oval:org.mitre.oval:def:1683
description Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.
family unix
id oval:org.mitre.oval:def:6092
status accepted
submitted 2009-05-28T13:34:47.000-04:00
title Integer Overflow Vulnerability in the Solaris 8 and 9 sadmind(1M) Daemon May Lead to Arbitrary Code Execution
version 33
refmap via4
bid 35083
bugtraq 20090523 Secunia Research: Sun Solaris "sadmind" Integer Overflow Vulnerability
confirm
misc http://secunia.com/secunia_research/2008-47/
osvdb 54668
sectrack 1022275
secunia
  • 32473
  • 35191
sunalert 259468
vupen ADV-2009-1409
xf solaris-allocating-bo(50706)
Last major update 21-08-2010 - 01:23
Published 26-05-2009 - 17:30
Last modified 11-10-2018 - 16:50
Back to Top