You are here

Solaris sadmind exploit


There's a nasty security hole in Solaris'' sadmind daemon; an exploit has been released which targets a weakness in the default security settings of the sadmind RPC application, and which allows to call arbitrary methods in any class available to sadmind. It has been a busy week for Unix sysadmins : first an exploit in SSH, then a security hole in Sendmail, and now this sadmind hole.

But Windows has its share of the problem too : a new mail worm, called Swen/Gibe.F, is preying a flaw that Microsoft first disclosed in a March 2001. In fact, it's the first Microsoft worm which causes annoyances to me as a Linux user; the number of mails with subject Returned Response are really numerous here.