Vulnerabilities > CVE-2009-2296 - Unspecified vulnerability in SUN Opensolaris and Solaris

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

sun

critical

nessus

NVD

Published: 2009-07-02

Updated: 2017-08-17

Summary

The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
OS	Sun SUN Opensolaris Snv_01 SUN Opensolaris Snv_02 SUN Opensolaris Snv_03 SUN Opensolaris Snv_04 SUN Opensolaris Snv_05 SUN Opensolaris Snv_06 SUN Opensolaris Snv_07 SUN Opensolaris Snv_08 SUN Opensolaris Snv_09 SUN Opensolaris Snv_10 SUN Opensolaris Snv_11 SUN Opensolaris Snv_12 SUN Opensolaris Snv_13 SUN Opensolaris Snv_14 SUN Opensolaris Snv_15 SUN Opensolaris Snv_16 SUN Opensolaris Snv_17 SUN Opensolaris Snv_18 SUN Opensolaris Snv_19 SUN Opensolaris Snv_20 SUN Opensolaris Snv_21 SUN Opensolaris Snv_22 SUN Opensolaris Snv_23 SUN Opensolaris Snv_24 SUN Opensolaris Snv_25 SUN Opensolaris Snv_26 SUN Opensolaris Snv_27 SUN Opensolaris Snv_28 SUN Opensolaris Snv_29 SUN Opensolaris Snv_30 SUN Opensolaris Snv_31 SUN Opensolaris Snv_32 SUN Opensolaris Snv_33 SUN Opensolaris Snv_34 SUN Opensolaris Snv_35 SUN Opensolaris Snv_36 SUN Opensolaris Snv_37 SUN Opensolaris Snv_38 SUN Opensolaris Snv_39 SUN Opensolaris Snv_40 SUN Opensolaris Snv_41 SUN Opensolaris Snv_42 SUN Opensolaris Snv_43 SUN Opensolaris Snv_44 SUN Opensolaris Snv_45 SUN Opensolaris Snv_46 SUN Opensolaris Snv_47 SUN Opensolaris Snv_48 SUN Opensolaris Snv_49 SUN Opensolaris Snv_50 SUN Opensolaris Snv_51 SUN Opensolaris Snv_52 SUN Opensolaris Snv_53 SUN Opensolaris Snv_54 SUN Opensolaris Snv_55 SUN Opensolaris Snv_56 SUN Opensolaris Snv_57 SUN Opensolaris Snv_58 SUN Opensolaris Snv_59 SUN Opensolaris Snv_60 SUN Opensolaris Snv_61 SUN Opensolaris Snv_62 SUN Opensolaris Snv_63 SUN Opensolaris Snv_64 SUN Opensolaris Snv_65 SUN Opensolaris Snv_66 SUN Opensolaris Snv_67 SUN Opensolaris Snv_68 SUN Opensolaris Snv_69 SUN Opensolaris Snv_70 SUN Opensolaris Snv_71 SUN Opensolaris Snv_72 SUN Opensolaris Snv_73 SUN Opensolaris Snv_74 SUN Opensolaris Snv_75 SUN Opensolaris Snv_76 SUN Opensolaris Snv_77 SUN Opensolaris Snv_78 SUN Opensolaris Snv_79 SUN Opensolaris Snv_80 SUN Opensolaris Snv_81 SUN Opensolaris Snv_82 SUN Opensolaris Snv_83 SUN Opensolaris Snv_84 SUN Opensolaris Snv_85 SUN Opensolaris Snv_86 SUN Opensolaris Snv_87 SUN Opensolaris Snv_88 SUN Opensolaris Snv_89 SUN Opensolaris Snv_90 SUN Opensolaris Snv_91 SUN Opensolaris Snv_92 SUN Opensolaris Snv_93 SUN Opensolaris Snv_94 SUN Opensolaris * SUN Opensolaris Snv_96 SUN Opensolaris Snv_97 SUN Opensolaris Snv_98 SUN Opensolaris Snv_99 SUN Opensolaris Snv_100 SUN Opensolaris Snv_101 SUN Opensolaris Snv_102 SUN Opensolaris Snv_103 SUN Opensolaris Snv_104 SUN Opensolaris Snv_105 SUN Opensolaris Snv_106 SUN Opensolaris Snv_107 SUN Opensolaris Snv_108 SUN Opensolaris Snv_109 SUN Opensolaris Snv_110 SUN Opensolaris Snv_111 SUN Opensolaris Snv_112 SUN Opensolaris Snv_113 SUN Opensolaris Snv_114 SUN Opensolaris Snv_115 SUN Opensolaris Snv_116 SUN Opensolaris Snv_117 SUN Solaris 10	226

Nessus

NASL family	Solaris Local Security Checks
NASL id	SOLARIS10_139991.NASL
description	SunOS 5.10: nfssrv patch. Date this patch was last updated by Sun : Jun/29/09
last seen	2018-09-01
modified	2018-08-13
plugin id	38823
published	2009-05-19
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=38823
title	Solaris 10 (sparc) : 139991-03

NASL family	Solaris Local Security Checks
NASL id	SOLARIS10_X86_140109.NASL
description	SunOS 5.10_x86: nfssrv patch. Date this patch was last updated by Sun : Jun/29/09
last seen	2018-09-01
modified	2018-08-13
plugin id	38826
published	2009-05-19
reporter	Tenable
source	https://www.tenable.com/plugins/index.php?view=single&id=38826
title	Solaris 10 (x86) : 140109-03

Summary

Vulnerable Configurations

Nessus

References