Zero day for Sun Solstice AdminSuite (sadmind)

A zero day disclosure is never a good thing but people need to be beware when it does. A vulnerability resides within a function of the Sun Solstice AdminSuite sadmind, which when properly exploited can lead to remote compromise of the vulnerable system. This information was posted to the Full Disclosure Mailinglist 2 days ago, together with an exploit for Metaploit.

I checked the Sun Security advisories but I couldn't find any information (yet). Disable the port or service if you don't need it or try to shield it if you do. Put an ACL in place. Keep an eye on upcoming advisories for workarounds and patches.

Related posts:

[Source: security4all]