Executive Summary

Informations
NameCVE-2009-2296First vendor Publication2009-07-02
VendorCveLast vendor Modification2017-08-16

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score10Attack RangeNetwork
Cvss Impact Score10Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The NFSv4 server kernel module in Sun Solaris 10, and OpenSolaris before snv_119, does not properly implement the nfs_portmon setting, which allows remote attackers to access shares, and read, create, and modify arbitrary files, via unspecified vectors.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2296

CPE : Common Platform Enumeration

TypeDescriptionCount
Os374
Os2

Open Source Vulnerability Database (OSVDB)

idDescription
55519Solaris NFSv4 Server Kernel Module nfs_portmon Tunable Shared Resource Restri...

Information Assurance Vulnerability Management (IAVM)

DateDescription
2009-07-09IAVM : 2009-T-0040 - Sun Solaris Network File System Unauthorized Network Access Vulnerability
Severity : Category II - VMSKEY : V0019716

Snort® IPS/IDS

DateDescription
2014-01-10IBM AIX and Oracle Solaris nfsd v4 nfs_portmon security bypass attempt
RuleID : 20248 - Revision : 4 - Type : PROTOCOL-RPC

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/35546
CONFIRM http://sunsolve.sun.com/search/document.do?assetkey=1-21-139991-03-1
https://support.avaya.com/css/P8/documents/100058487
SECTRACK http://www.securitytracker.com/id?1022492
SUNALERT http://sunsolve.sun.com/search/document.do?assetkey=1-66-262668-1
VUPEN http://www.vupen.com/english/advisories/2009/1747
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/51450

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
DateInformations
2017-08-17 09:22:38
  • Multiple Updates
2016-06-28 17:45:00
  • Multiple Updates
2016-04-27 09:42:27
  • Multiple Updates
2016-04-26 18:56:27
  • Multiple Updates
2014-01-19 21:25:59
  • Multiple Updates
2013-11-11 12:38:20
  • Multiple Updates
2013-05-10 23:53:20
  • Multiple Updates