PT-2009-4485 · Sun · Smbfs

Published

2009-06-11

Updated

2009-06-19

CVE-2009-2031

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions smbfs in Sun OpenSolaris versions snv 84 through snv 110

Description The issue allows local users to read arbitrary files and list arbitrary directories on CIFS volumes when default mount permissions are used.

Recommendations For versions snv 84 through snv 110, consider changing the default mount permissions to restrict access to sensitive files and directories on CIFS volumes. As a temporary workaround, restrict access to the CIFS volumes to minimize the risk of exploitation.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2009-2031

Affected Products

Smbfs

PT-2009-4485 · Sun · Smbfs

CVE-2009-2031

Weakness Enumeration

Related Identifiers

Affected Products

References · 4