CVE-2009-0873

2009-03-11T14:19:00
ID CVE-2009-0873
Type cve
Reporter cve@mitre.org
Modified 2018-10-30T16:25:00

Description

The NFS daemon (aka nfsd) in Sun Solaris 10 and OpenSolaris before snv_106, when NFSv3 is used, does not properly implement combinations of security modes, which allows remote attackers to bypass intended access restrictions and read or modify files, as demonstrated by a combination of the sec=sys and sec=krb5 security modes, related to modes that "override each other."