Secunia
Login
|
|
CVE Reference: CVE-2009-0872 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2009-0872 |
|
|
Description: The NFS server in Sun Solaris 10, and OpenSolaris before snv_111, does not properly implement the AUTH_NONE (aka sec=none) security mode in combination with other security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the AUTH_NONE and AUTH_SYS security modes. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/49170 SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-66-253588-1 ST 1021833 SAID Secunia Advisory: SA34213 Secunia Advisory: SA34429 OSVDB 52559 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2009-093.htm http://sunsolve.sun.com/search/document.do?assetkey=1-21-139462-02-1 BID 34063 |
|
| Return to the previous page. |
