The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Solaris | Sun | * | * |