TITLE:
Sun Solaris "sadmind" Two Vulnerabilities

SECUNIA ADVISORY ID:
SA32473

VERIFY ADVISORY:
http://secunia.com/advisories/32473/

DESCRIPTION:
Secunia Research has discovered two vulnerabilities in Sun Solaris, which can be exploited by malicious people to compromise a vulnerable system.

1) A boundary error exists in "sadmind" when decoding request parameters. This can be exploited to cause a heap-based buffer overflow via a specially crafted RPC request.

2) An integer overflow error exists in "sadmind" when allocating memory for incoming "sadmind" requests. This can be exploited to cause a heap-based buffer overflow via a specially crafted RPC request.

Successful exploitation of the vulnerabilities allows execution of arbitrary code.

SOLUTION:
Apply patches.

-- SPARC Platform --

Solaris 8:
Apply patch 116455-02 or later.

Solaris 9:
Apply patch 116453-03 or later.

-- x86 Platform --

Solaris 8:
Apply patch 116442-02 or later.

Solaris 9:
Apply patch 116454-03 or later.

PROVIDED AND/OR DISCOVERED BY:
Alin Rad Pop, Secunia Research.

ORIGINAL ADVISORY:
Secunia Research:
http://secunia.com/secunia_research/2008-45/
http://secunia.com/secunia_research/2008-47/

Sun Microsystems:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-259468-1
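One way to check a host against the patch levels in the SOLUTION section, as an added example that is not part of the Secunia advisory. It assumes a POSIX shell and awk (not the legacy Solaris /bin/sh) and `showrev -p` output collected from the host; the function names and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare collected `showrev -p` output with the patch levels
# named in the advisory. Function names are illustrative.

# Minimum fixed patch for a release ($1, `uname -r`) and CPU ($2, `uname -p`).
required_patch() {
    case "$1/$2" in
        5.8/sparc) echo 116455-02 ;;
        5.9/sparc) echo 116453-03 ;;
        5.8/i386)  echo 116442-02 ;;
        5.9/i386)  echo 116454-03 ;;
        *) return 1 ;;
    esac
}

# Reads `showrev -p` output on stdin and prints PATCHED, MISSING or UNKNOWN
# (UNKNOWN = the advisory lists no patch for this release/CPU).
sadmind_patch_status() {
    need=$(required_patch "$1" "$2") || { echo UNKNOWN; return 0; }
    # "or later": accept the same patch ID at an equal or higher revision.
    awk -v id="${need%-*}" -v min="${need#*-}" '
        $1 == "Patch:" {
            split($2, p, "-")
            if (p[1] == id && p[2] + 0 >= min + 0) ok = 1
        }
        END { print (ok ? "PATCHED" : "MISSING") }'
}

# Constructed sample input (not taken from a real host).
SAMPLE='Patch: 112233-05 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWexmpl
Patch: 116455-01 Obsoletes:  Requires:  Incompatibles:  Packages: SUNWexmpl'

# Revision -01 is below the required -02, so this reports the patch as missing.
printf '%s\n' "$SAMPLE" | sadmind_patch_status 5.8 sparc
```

The check matches only the patch IDs listed in the advisory; a later patch that supersedes one of them under a different ID shows up in the `Obsoletes:` field and has to be reviewed by hand.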