5 matches found
Solaris 10 (x86) : 139463-02
SunOS 5.10x86: nfssrv patch. Date this patch was last updated by Sun : Mar/05/09 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 10 (x86) : 139463-02
SunOS 5.10x86: nfssrv patch. Date this patch was last updated by Sun : Mar/05/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrandom...
Solaris 10 (sparc) : 139462-02
SunOS 5.10: nfssrv patch. Date this patch was last updated by Sun : Mar/05/09 %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a recommended security fix. Disabled on 2011/10/24. C Tenable Network Security, Inc. if ! definedfunc"bnrandom"...
Sun Solaris NFS服务程序安全模式非授权访问漏洞
BUGTRAQ ID: 34063 CVECAN ID: CVE-2009-0872 Solaris是一款由Sun开发和维护的商业UNIX操作系统。 Solaris的NSF服务程序没有正确地结合其他安全模式实现AUTHNONE(sec=none)安全模式,远程攻击者可以组合使用(AUTHNONE)和sys(AUTHSYS)安全模式绕过限制,非授权访问通过NFS共享的文件系统。 Sun Solaris 10.0x86 Sun Solaris 10.0 Sun OpenSolaris snv01 - snv110 临时解决方法:...
CVE-2009-0872
CVE-2009-0872 affects Sun Solaris 10 and OpenSolaris builds prior to snv_111, where the NFS server fails to properly enforce AUTH_NONE (sec=none) when used with other security modes. This allows remote attackers to bypass access controls and read/modify files by abusing a combination of AUTH_NONE...