EUVD-2006-0134

Malware in sbrugna...

FreeBSD Security Advisory (FreeBSD-SA-08:01.pty.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:01.pty.asc ADV FreeBSD-SA-08:01.pty.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Security Advisory (FreeBSD-SA-08:01.pty.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:01.pty.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Code injection

The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script...

CVE-2008-0217

FreeBSD CVE-2008-0217 describes two pty handling flaws in openpty/ptsname that allow a non‑root user to snoop or hijack a tty: when openpty is called by openpty, the new pty is world‑readable/writable; ptsname returns potentially invalid device names used by pt_chown to transfer ownership. Affect...

FreeBSD Security Advisory FreeBSD-SA-08:01.pty

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:01.pty Security Advisory The FreeBSD Project Topic: pty snooping Category: core Module: libcstdlib / libutil Announced: 2008-01-14 Credits: John Baldwin Affect...

FreeBSD-SA-08:01.pty

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08:01.pty Security Advisory The FreeBSD Project Topic: pty snooping Category: core Module: libcstdlib / libutil Announced: 2008-01-14 Credits: John Baldwin...

FreeBSD : rxvt-unicode -- restore permissions on tty devices (c2fdb3bc-7d72-11da-b96e-000fb586ba73)

A rxvt-unicode changelog reports : SECURITY FIX: on systems using openpty, permissions were not correctly updated on the tty device and were left as world-readable and world-writable likely in original rxvt, too, and were not restored properly. Affected are only systems where non-unix ptys were...

rxvt-unicode -- restore permissions on tty devices

A rxvt-unicode changelog reports: SECURITY FIX: on systems using openpty, permissions were not correctly updated on the tty device and were left as world-readable and world-writable likely in original rxvt, too, and were not restored properly. Affected are only systems where non-unix ptys were us...