Title: Sun Solaris 'sadmind' Daemon Multiple Buffer Overflow Vulnerabilities
Severity: CRITICAL
Description:
Sun Solaris is prone to multiple buffer-overflow vulnerabilities that affect the 'sadmind(1M)' daemon:
1. CVE-2008-3869: A buffer overflow occurs when decoding request parameters.
2. CVE-2008-3870: An integer-overflow issue may lead to a heap-based buffer overflow when allocating memory for incoming requests.
Attackers can leverage these issues to execute arbitrary code with superuser privileges. Failed attacks will cause denial-of-service conditions.
These issues affect Solaris 8 and 9.
Affected Products:
- Sun Solaris 8
- Sun Solaris 8_x86
- Sun Solaris 9
- Sun Solaris 9_x86
References:
- CVE: CVE-2008-3869
- CVE: CVE-2008-3870
- Secunia Research: Secunia Research: Sun Solaris 'sadmind' Buffer Overflow Vulnerability
- Secunia Research: Secunia Research: Sun Solaris 'sadmind' Integer Overflow Vulnerability
- Sun: Solution 259468 : Multiple Vulnerabilities in the Solaris 8 and 9 sadmind(1M)
- Sun Microsystems: Sun Homepage
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
