CVE-2009-0873

CVE-2009-0873 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."

Learn more about our Cis Benchmark Audit For Oracle Solaris.