CVE-2003-0722 — Vulnetix

Try Vulnetix Request Demo

CVE-2003-0722 PUBLISHED CVSS 10 CRITICAL

The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.

EPSS 87.09% · 99.4th percentile

Risk Scores

CVSS v2.0

10

EPSS Score

87.09%

99.4th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
sun	solaris

Timeline

Sep 17, 2003 CVE Published
Jun 22, 2010 PoC Published
May 29, 2018 PoC Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Apr 29, 2022 CVE Updated
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score

References

VU#41870 third-party-advisory
8615 vdb
9742 third-party-advisory
N-148 third-party-advisory
oval:org.mitre.oval:def:1273 vdb
20030918 Solaris SADMIND Exploitation mailing-list
http://www.idefense.com/advisory/09.16.03.txt url
56740 vendor-advisory
20030918 Solaris SADMIND Exploitation mailing-list
https://nvd.nist.gov/vuln/detail/CVE-2003-0722 advisory

Open in Interactive Console →