2.1
CWE
200
Advisory Published
Updated

CVE-2009-2031: Infoleak

First published: Thu Jun 11 2009(Updated: )

smbfs in Sun OpenSolaris snv_84 through snv_110, when default mount permissions are used, allows local users to read arbitrary files, and list arbitrary directories, on CIFS volumes.

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Solaris=snv_101
Solaris=snv_90
Solaris=snv_93
Solaris=snv_110
Solaris=snv_85
Solaris=snv_87
Solaris=snv_87
Solaris=snv_91
Solaris=snv_92
Solaris=snv_85
Solaris=snv_104
Solaris=snv_103
Solaris=snv_105
Solaris=snv_88
Solaris=snv_93
Solaris=snv_103
Solaris=snv_84
Solaris=snv_106
Solaris=snv_106
Solaris=snv_86
Solaris=snv_100
Solaris=snv_107
Solaris=snv_89
Solaris=snv_90
Solaris=snv_96
Solaris=snv_99
Solaris=snv_107
Solaris=snv_97
Solaris=snv_100
Solaris=snv_96
Solaris=snv_94
Solaris=snv_86
Solaris=snv_98
Solaris=snv_98
Solaris=snv_109
Solaris=snv_95
Solaris=snv_108
Solaris=snv_102
Solaris=snv_105
Solaris=snv_108
Solaris=snv_95
Solaris=snv_88
Solaris=snv_84
Solaris=snv_92
Solaris=snv_104
Solaris=snv_94
Solaris=snv_101
Solaris=snv_97
Solaris=snv_99
Solaris=snv_109
Solaris=snv_102
Solaris=snv_110
Solaris=snv_91
Solaris=snv_89

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is the severity of CVE-2009-2031?

    CVE-2009-2031 is considered a moderate severity vulnerability due to the potential for unauthorized access to files and directories on CIFS volumes.

  • How do I fix CVE-2009-2031?

    To fix CVE-2009-2031, configure the mount permissions for smbfs to restrict access to authorized users only.

  • Who is affected by CVE-2009-2031?

    CVE-2009-2031 affects local users of the Sun OpenSolaris versions from snv_84 to snv_110.

  • What type of vulnerability is CVE-2009-2031?

    CVE-2009-2031 is a local security vulnerability that allows unauthorized file and directory access.

  • Are there any exploits known for CVE-2009-2031?

    As of now, specific exploits for CVE-2009-2031 have not been publicly disclosed, but the vulnerability poses a risk through improper access permissions.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203