Preemptive Protection against Sun Solaris sadmind Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2008-238 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA32283 | |
| Industry Reference(s): | CVE-2008-4556 CVE-1999-0977 |
|
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Sun Solaris 8 Sun Solaris 9 | ||
| Vulnerability Description A vulnerability was reported in Sun Solaris Solstice AdminSuite daemon sadmind. Solstice AdminSuite is a set of applications for distributed system administration. sadmind is a daemon used by SolsticeAdminsuite to control the servers running Sun Solaris operating system. One of the sadmind functions fails to process overly long parameters. Remote attackers could exploit this vulnerability by sending a maliciously crafted request to a vulnerable installation of sadmind. Successful exploitation would allow for arbitrary code execution. |
||
|
Vulnerability Status The vulnerability has been publicly disclosed. |
|
|
Update/Patch Available Sun has released patches for this vulnerability: http://sunsolve.sun.com/search/document.do?assetkey=1-66-245806-1 |
|
|
Vulnerability Details The vulnerable function does not validate user supplied data when appending it to a stack-based buffer, resulting in a stack-based buffer overflow. |
Protection Overview
By enabling this protection, IPS-1 will detect and block large RPC requests to the sadmind program. The protection has been available since 2003; no update is required.
To configure the defense, select your product from the list below and follow the related protection steps.