Vulnerability Details : CVE-2003-0722
Public exploit exists!
The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.
Products affected by CVE-2003-0722
- cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2003-0722
- 89.61%: Probability of exploitation activity in the next 30 days
- ~ 100 %: Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2003-0722
- Solaris sadmind Command Execution
  Disclosure Date: 2003-09-13
  First seen: 2020-04-26
  exploit/solaris/sunrpc/sadmind_exec
  This exploit targets a weakness in the default security settings of the sadmind RPC application. This server is installed and enabled by default on most versions of the Solaris operating system. Vulnerable systems include solaris 2.7, 8, and 9 Autho
CVSS scores for CVE-2003-0722
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST | |
References for CVE-2003-0722
- http://www.ciac.org/ciac/bulletins/n-148.shtml
- http://marc.info/?l=bugtraq&m=106391959014331&w=2 ('Solaris SADMIND Exploitation' - MARC)
- http://secunia.com/advisories/9742
- http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0115.html
- http://sunsolve.sun.com/search/document.do?assetkey=1-26-56740-1&searchclause=security
- http://www.kb.cert.org/vuls/id/41870 (US Government Resource)
- http://www.idefense.com/advisory/09.16.03.txt
- http://www.securityfocus.com/bid/8615 (Sun Solaris SAdmin Client Credentials Remote Administrative Access Vulnerability)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1273