The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3567
https://exchange.xforce.ibmcloud.com/vulnerabilities/14918
http://www.securityfocus.com/bid/9852
http://www.ciac.org/ciac/bulletins/o-099.shtml