| Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them. |
|
 |
|
|
|
vulnerability CVE-2010-0558 CVE-2010-0559
OpenSolaris: user access via kclient or smbadm
Synthesis of the vulnerability
| An attacker can guess the password used by kclient or smbadm. |
Severity: 2/4.
Creation date: 05/02/2010.
|
Description of the vulnerability
The kclient.sh and smbadm commands can be used to join a Windows Active Directory domain.
In order to do so, these commands generate a password for the computer, and then set it with /usr/lib/krb5/ksetpw.
However, the generated password is not sufficiently random, so it can be predicted.
An attacker can therefore guess the password generated by kclient or smbadm, in order to spoof the identity of the computer on the domain. |
Complete Vigil@nce bulletin
Characteristics
Title: OpenSolaris: user access via kclient or smbadm.
Keywords: Active Directory OpenSolaris Windows access kclient krb5 smbadm user.
Identifiers: 275790, 6913788, 6913833, BID-38089, CVE-2010-0558, CVE-2010-0559, VIGILANCE-VUL-9410.
|
Information sources
Solutions for this vulnerability
Computer vulnerabilities tracking service
The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.
The Vigil@nce vulnerability database contains several thousand vulnerabilities.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.
Computer applications vulnerability
|