cve-2009-2031
Vulnerability from cvelistv5
Published
2009-06-11 21:00
Modified
2024-08-07 05:36
Severity ?
EPSS score ?
Summary
smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:36:20.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "257548",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-257548-1"
},
{
"name": "ADV-2009-1569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1569"
},
{
"name": "35306",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35306"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-06-19T09:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "257548",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-257548-1"
},
{
"name": "ADV-2009-1569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1569"
},
{
"name": "35306",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35306"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2031",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "257548",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-257548-1"
},
{
"name": "ADV-2009-1569",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1569"
},
{
"name": "35306",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35306"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2031",
"datePublished": "2009-06-11T21:00:00",
"dateReserved": "2009-06-11T00:00:00",
"dateUpdated": "2024-08-07T05:36:20.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2009-2031\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-06-11T21:30:00.267\",\"lastModified\":\"2024-11-21T01:03:58.190\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes.\"},{\"lang\":\"es\",\"value\":\"smbfs en Sun OpenSolaris snv_84 hasta snv_110, cuando permisos de montaje por defecto son utilizados, permite a los usuarios locales leer arbitrariamente archivo, y listar arbitrariamente directorios, en vol\u00famenes CIFS.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_84:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"5299CAB1-9819-4AE4-9429-8CA32F692C86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_84:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"46D8D5D1-8855-4116-99B3-EA1F78FDEF02\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_85:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"ECD23A89-A86B-44D3-A3D1-EFF3D8551DCE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_85:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"999FFE1D-D7D4-476B-8A46-9D0179DB570B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_86:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"75B778E3-EFCF-4AB0-B2C7-E585C190CD3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_86:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"2B14945C-350A-4895-92C1-932208533F9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_87:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"80CFB4CD-CE38-4F24-87EE-0CA622E4E9A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_87:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"513D435B-D28B-4833-88E6-A1A8743177F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_88:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"460EE9E9-27BA-4C8B-9F06-BBA648105720\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_88:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"4126C6C9-90AB-470E-AF83-4ED1FDD90511\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_89:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"57CA01EF-2AFC-44FB-96EE-AF85B3019BEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_89:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"3275E47F-5A4B-4843-A07C-82DEE852672C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_90:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"CD673F9F-442E-4997-A0E3-D4B595D16B3E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_90:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"58017DDC-63B3-458C-9803-4683211A4C3C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_91:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"0BEADEEA-4D63-4E69-BFEE-02205150F909\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_91:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"6692EE63-A76B-47C3-BC0D-7C15CA6FE013\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_92:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"54DA5312-D935-444E-8154-514C5BD6E3F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_92:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"BA1E27E5-FE20-42FA-9A61-A7174E705EB3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_93:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"EA41BAD9-BC09-4E5C-8759-AD4E4D2B3ACC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_93:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"65A32803-580D-4D07-B39B-2159258CBA8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_94:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"FF6EFE12-51AD-4879-9529-B7EA425059C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_94:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"13B51612-3BD6-449F-AD63-D01F8D05B269\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_95:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"7E32AD47-A96B-4A83-AEA2-98E6DD1FD5BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_95:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"4B2E7E54-2268-4C54-9363-C2D363D3A447\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_96:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"7A54DEC9-4F04-4E0A-B253-8822F114DCC0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_96:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"F6000B0F-0E72-4E68-A5EE-35BA6FB59C57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_97:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"447E9E9E-5B19-4261-8B70-F63EAE61DB95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_97:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"51AB0746-66E6-4FF5-9CB2-42E29A01C961\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_98:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"2B4A015E-802F-4440-AF10-683B5E0586B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_98:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"D1A9DCF7-F469-4D77-966F-3721F377D80B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_99:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"04D12F3A-4C47-4B49-B3DE-484C1EE466E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_99:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"3D028821-CA38-48C4-9324-222526AC8413\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_100:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"5BE8232A-2464-449A-A7B6-D44447AA9080\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_100:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"1F2CB558-9390-4AAE-A66D-E3DA537E3115\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_101:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"37D9D7A5-63F5-49F6-90EE-EBE5B3FA6DBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_101:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"5ED4FAD0-E91F-438D-A3CB-BACFB7F7E975\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_102:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"6061C499-21A8-4EC4-B5AD-F6E876B15C48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_102:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"411B33D1-F55D-42C0-9046-040ABC42E31B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_103:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"677C89EB-1575-46B6-A07C-C8BAA829F620\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_103:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"0491828F-8BB7-4463-AEE7-BFA0C574B6A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_104:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"59679597-3883-4D20-A6E6-0C1CB0BAB3E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_104:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"CE4D5683-259F-449E-B1C7-2BD81CC4805F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_105:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"98368E28-F8A9-40E3-ADB4-BF9F9F20F76D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_105:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"42B7F288-2D35-4988-97B0-C529485033C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_106:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"A799B071-D0A6-47C4-80DF-75AB9ADD2916\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_106:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"F276AFE2-B501-4355-9716-9D1A75AD09CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_107:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"58A9EC84-8FD4-455F-95DE-FBFD67A1441E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_107:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"8ADE7EBB-8014-459F-A189-9D902BEE1FD1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_108:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"BB9190F5-DF79-4EFC-B8B8-5B373BCDD1F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_108:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"FF3DEB74-D65C-427A-8907-6044238E8C03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_109:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"264D137D-0B78-4F47-AA9F-427D535A1AE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_109:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"A7A2D975-A03A-494A-8CFE-2D8932906C14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_110:*:sparc:*:*:*:*:*\",\"matchCriteriaId\":\"7D970B1B-44C6-443B-9029-D7182782BD1F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:sun:opensolaris:snv_110:*:x86:*:*:*:*:*\",\"matchCriteriaId\":\"5B3DB52A-595F-4A50-98D5-DF308471B823\"}]}]}],\"references\":[{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-257548-1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/35306\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1569\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-66-257548-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/35306\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2009/1569\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.