Oval Definition:oval:org.mitre.oval:def:6092
Revision Date:2010-09-20Version:18
Title:Integer Overflow Vulnerability in the Solaris 8 and 9 sadmind(1M) Daemon May Lead to Arbitrary Code Execution
Description:Integer overflow in sadmind in Sun Solaris 8 and 9 allows remote attackers to execute arbitrary code via a crafted RPC request that triggers a heap-based buffer overflow, related to improper memory allocation.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-3870
Platform(s):Sun Solaris 8
Sun Solaris 9
Product(s):
Definition Synopsis
  • Software Section
  • Solaris 8 (SPARC) meets Sun Alert 259468
  • Solaris 8 (SPARC) is installed
  • AND NOT Patch 116455-02 or later installed
  • OR Solaris 9 (SPARC) meets Sun Alert 259468
  • Solaris 9 (SPARC) is installed
  • AND NOT Patch 116453-03 or later installed
  • OR Solaris 8 (x86) meets Sun Alert 259468
  • Solaris 8 (x86) is installed
  • AND NOT Patch 116442-02 or later installed
  • OR Solaris 9 (x86) meets Sun Alert 259468
  • Solaris 9 (x86) is installed
  • AND NOT Patch 116454-03 or later installed
  • AND Configuration Section
  • inetd running
  • AND inetd.conf contains sadmind
    • BACK