Lucene search

[email protected]CVE-2009-3706

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2009-3706

2022-10-0316:23:55

[email protected]

web.nvd.nist.gov

cve-2009-3706

zfs filesystem

solaris

opensolaris

local users

privilege bypass

chown system call

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.4%

JSON

Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call.

Affected configurations

NVD

Node

sunopensolarisMatchsnv_100sparc

sunopensolarisMatchsnv_101sparc

sunopensolarisMatchsnv_102sparc

sunopensolarisMatchsnv_103sparc

sunopensolarisMatchsnv_104sparc

sunopensolarisMatchsnv_105sparc

sunopensolarisMatchsnv_106sparc

sunopensolarisMatchsnv_107sparc

sunopensolarisMatchsnv_108sparc

sunopensolarisMatchsnv_109sparc

sunopensolarisMatchsnv_110sparc

sunopensolarisMatchsnv_111sparc

sunopensolarisMatchsnv_112sparc

sunopensolarisMatchsnv_113sparc

sunopensolarisMatchsnv_114sparc

sunopensolarisMatchsnv_115sparc

sunopensolarisMatchsnv_116sparc

sunopensolarisMatchsnv_117sparc

sunsolarisMatch10sparc

sunsolarisMatch10.0sparc

Node

sunopensolarisMatchsnv_100x86

sunopensolarisMatchsnv_101x86

sunopensolarisMatchsnv_102x86

sunopensolarisMatchsnv_103x86

sunopensolarisMatchsnv_104x86

sunopensolarisMatchsnv_105x86

sunopensolarisMatchsnv_106x86

sunopensolarisMatchsnv_107x86

sunopensolarisMatchsnv_108x86

sunopensolarisMatchsnv_109x86

sunopensolarisMatchsnv_110x86

sunopensolarisMatchsnv_111x86

sunopensolarisMatchsnv_112x86

sunopensolarisMatchsnv_113x86

sunopensolarisMatchsnv_114x86

sunopensolarisMatchsnv_115x86

sunopensolarisMatchsnv_116x86

sunopensolarisMatchsnv_117x86

sunsolarisMatch10x86

CPENameOperatorVersion
sun:opensolarissun opensolariseqsnv_100
sun:opensolarissun opensolariseqsnv_101
sun:opensolarissun opensolariseqsnv_102
sun:opensolarissun opensolariseqsnv_103
sun:opensolarissun opensolariseqsnv_104
sun:opensolarissun opensolariseqsnv_105
sun:opensolarissun opensolariseqsnv_106
sun:opensolarissun opensolariseqsnv_107
sun:opensolarissun opensolariseqsnv_108
sun:opensolarissun opensolariseqsnv_109

CPE	Name	Operator	Version
sun:opensolaris	sun opensolaris	eq	snv_100
sun:opensolaris	sun opensolaris	eq	snv_101
sun:opensolaris	sun opensolaris	eq	snv_102
sun:opensolaris	sun opensolaris	eq	snv_103
sun:opensolaris	sun opensolaris	eq	snv_104
sun:opensolaris	sun opensolaris	eq	snv_105
sun:opensolaris	sun opensolaris	eq	snv_106
sun:opensolaris	sun opensolaris	eq	snv_107
sun:opensolaris	sun opensolaris	eq	snv_108
sun:opensolaris	sun opensolaris	eq	snv_109

Rows per page:

1-10 of 201

References

secunia.com/advisories/37010

sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1

sunsolve.sun.com/search/document.do?assetkey=1-66-265908-1

www.securityfocus.com/bid/36702

www.vupen.com/english/advisories/2009/2917

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

6.4 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

13.4%

JSON

Related for CVE-2009-3706

cvelist1 nvd1 prion1 nessus2