
Test ID: 1.3.6.1.4.1.25623.1.0.60188
Category: FreeBSD Local Security Checks
Title: FreeBSD Security Advisory (FreeBSD-SA-08:01.pty.asc)
Summary: NOSUMMARY
Description:
The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-08:01.pty.asc.

pt_chown is a setuid root support utility used by grantpt(3) to change
ownership of a tty.

openpty(3) is a support function in libutil which is used to obtain a
pseudo-terminal.

script(1) is a utility which makes a typescript of everything printed
on a terminal.

Two issues exist in the FreeBSD pty handling.

If openpty(3) is called as a non-root user, the newly created
pseudo-terminal is world readable and writeable. While this is
documented to be the case, script(1) still uses openpty(3) and
script(1) may be used by non-root users [CVE-2008-0217].

The ptsname(3) function incorrectly extracts two characters from the
name of a device node in /dev without verifying that it's actually
operating on a valid pty which the calling user owns. pt_chown uses
the bad result from ptsname(3) to change ownership of a pty to the
user calling pt_chown [CVE-2008-0216].

Solution:
Upgrade your system to the appropriate stable release
or security branch dated after the correction date.

http://www.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-08:01.pty.asc

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2008-0216
BugTraq ID: 27284
http://www.securityfocus.com/bid/27284
FreeBSD Security Advisory: FreeBSD-SA-08:01
http://security.FreeBSD.org/advisories/FreeBSD-SA-08:01.pty.asc
http://www.securitytracker.com/id?1019191
http://secunia.com/advisories/28498
XForce ISS Database: freebsd-ptsname-information-disclosure(39667)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39667
Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com





© 1998-2024 E-Soft Inc. All rights reserved.