Lucene search
HistoryJan 16, 2008 - 2:00 a.m.
CVE-2008-0217
cve-2008-0217
freebsd
openpty
pseudo-terminal
world-readable
world-writable
local users
data leakage
6.1 Medium
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.
Related
prion
prion
Code injection
2008-01-16 02:00:00
ubuntucve
ubuntucve
CVE-2008-0217
2008-01-16 00:00:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-08:01.pty
2008-01-16 00:00:00
FreeBSD pty hijacking
2008-01-16 00:00:00
seebug
seebug
FreeBSD ptyε€ηε€δΈͺζ¬ε°δΏ‘ζ―ζ³ι²ζΌζ΄
2008-01-23 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-08:01.pty
2008-01-14 00:00:00
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-08:01.pty.asc)
2008-09-04 00:00:00
FreeBSD Security Advisory (FreeBSD-SA-08:01.pty.asc)
2008-09-04 00:00:00
6.1 Medium
AI Score
Confidence
Low
6.9 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.2%
Related for CVE-2008-0217