Vulnerability Details CVE-2009-3706
Unspecified vulnerability in the ZFS filesystem in Sun Solaris 10, and OpenSolaris snv_100 through snv_117, allows local users to bypass intended limitations of the file_chown_self privilege via certain uses of the chown system call.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 19.6%
CVSS Severity
CVSS v2 Score 4.4
References
- http://secunia.com/advisories/37010
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-265908-1
- http://www.securityfocus.com/bid/36702
- http://www.vupen.com/english/advisories/2009/2917
- http://secunia.com/advisories/37010
- http://sunsolve.sun.com/search/document.do?assetkey=1-21-141444-09-1
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-265908-1
- http://www.securityfocus.com/bid/36702
- http://www.vupen.com/english/advisories/2009/2917
Products affected by CVE-2009-3706
-
cpe:2.3:o:sun:opensolaris:snv_100
-
cpe:2.3:o:sun:opensolaris:snv_101
-
cpe:2.3:o:sun:opensolaris:snv_102
-
cpe:2.3:o:sun:opensolaris:snv_103
-
cpe:2.3:o:sun:opensolaris:snv_104
-
cpe:2.3:o:sun:opensolaris:snv_105
-
cpe:2.3:o:sun:opensolaris:snv_106
-
cpe:2.3:o:sun:opensolaris:snv_107
-
cpe:2.3:o:sun:opensolaris:snv_108
-
cpe:2.3:o:sun:opensolaris:snv_109
-
cpe:2.3:o:sun:opensolaris:snv_110
-
cpe:2.3:o:sun:opensolaris:snv_111
-
cpe:2.3:o:sun:opensolaris:snv_112
-
cpe:2.3:o:sun:opensolaris:snv_113
-
cpe:2.3:o:sun:opensolaris:snv_114
-
cpe:2.3:o:sun:opensolaris:snv_115
-
cpe:2.3:o:sun:opensolaris:snv_116
-
cpe:2.3:o:sun:opensolaris:snv_117
-
cpe:2.3:o:sun:solaris:10
-
cpe:2.3:o:sun:solaris:10.0