Unrated severityNVD Advisory· Published Dec 4, 2009· Updated Apr 23, 2026

CVE-2009-4211

Description

The U.S. Defense Information Systems Agency (DISA) Security Readiness Review (SRR) script for the Solaris x86 platform executes files in arbitrary directories as root for filenames equal to (1) java, (2) openssl, (3) php, (4) snort, (5) tshark, (6) vncserver, or (7) wireshark, which allows local users to gain privileges via a Trojan horse program.

Affected products

Disa/Srr For Solaris
cpe:2.3:a:disa:srr_for_solaris:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securitytracker.com/idnvd
www.kb.cert.org/vuls/id/433821nvd
www.securityfocus.com/archive/1/508188/100/0/threadednvd
www.securityfocus.com/bid/37200nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000