CVE-2008-0216 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0216): The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty from another user.
CVE-2008-0217 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0217): The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.
BSD herd, please advise and bump.
(In reply to comment #0)
> CVE-2008-0216 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0216):
> The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly
> verify that a certain portion of a device name is associated with a pty of a
> user who is calling the pt_chown function, which might allow local users to
> read data from the pty from another user.

patched in freebsd-lib-6.2-r4
(In reply to comment #1)
> CVE-2008-0217 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-0217):
> The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty,
> which creates a pseudo-terminal with world-readable and world-writable
> permissions when it is not run as root, which allows local users to read data
> from the terminal of the user running script.

actually the openpty function is patched too in freebsd-lib-6.2-r4 as far as I understand it, the script program doesn't need any modification
thanks, closing.