Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:L/AC:M/Au:N/C:P/I:P/A:P
Vendors Products
Sun
  • Opensolaris
  • Solaris

Configuration 1 [-]

OR cpe:2.3:o:sun:opensolaris:snv_100:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_101:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_102:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_103:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_104:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_105:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_106:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_107:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_108:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_109:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_110:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_111:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_112:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_113:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_114:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_115:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_116:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_117:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:10:*:sparc:*:*:*:*:*
cpe:2.3:o:sun:solaris:10.0:*:sparc:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:sun:opensolaris:snv_100:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_101:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_102:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_103:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_104:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_105:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_106:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_107:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_108:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_109:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_110:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_111:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_112:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_113:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_114:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_115:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_116:*:x86:*:*:*:*:*
cpe:2.3:o:sun:opensolaris:snv_117:*:x86:*:*:*:*:*
cpe:2.3:o:sun:solaris:10:*:x86:*:*:*:*:*
References
Link Resource
http://secunia.com/advisories/37010 Vendor Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1 Patch
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265908-1 Patch Vendor Advisory
http://www.securityfocus.com/bid/36702
http://www.vupen.com/english/advisories/2009/2917 Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:23:55

Updated: 2022-10-03T16:23:55

Reserved: 2022-10-03T00:00:00

Link: CVE-2009-3706

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2009-10-16T16:30:00.877

Modified: 2009-10-16T16:30:00.877

Link: CVE-2009-3706

JSON object: View

cve-icon Redhat Information

No data.

CWE