CVE-2009-0873
OpenSolaris - Unauthenticated File Access Bypass via NFSv3 Security Mode Combination
Title source: llmDescription
The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."
References (11)
Core 11
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0814
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/34435
Exploit vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1021832
Vendor Advisory x_refsource_confirm
http://support.avaya.com/elmodocs2/security/ASA-2009-096.htm
Patch, Vendor Advisory x_refsource_confirm
http://sunsolve.sun.com/search/document.do?assetkey=1-21-139462-02-1
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49171
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0657
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/34062
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/34225
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/52560
Patch, Vendor Advisory vendor-advisory
x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-66-250306-1
Scores
EPSS
0.0105
EPSS Percentile
77.8%
Details
CWE
CWE-264
Status
published
Products (50)
sun/opensolaris
snv_01
sun/opensolaris
snv_02
sun/opensolaris
snv_03
sun/opensolaris
snv_04
sun/opensolaris
snv_05
sun/opensolaris
snv_06
sun/opensolaris
snv_07
sun/opensolaris
snv_08
sun/opensolaris
snv_09
sun/opensolaris
snv_10
... and 40 more
Published
Mar 11, 2009
Tracked Since
Feb 18, 2026