CVE-2008-0217

CVE-2008-0217

EPSS 0.3%

The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://secunia.com/advisories/28498 http://security.FreeBSD.org/advisories/FreeBSD-SA-08:01.pty.asc https://exchange.xforce.ibmcloud.com/vulnerabilities/39665 http://www.securityfocus.com/bid/27284 http://www.securitytracker.com/id?1019191