Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-0217

Опубликовано: 16 янв. 2008
Источник: nvd
CVSS2: 6.9
EPSS Низкий

Описание

The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:freebsd:freebsd:5.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.5:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:6.2:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:7.0:pre-release:*:*:*:*:*:*

EPSS

Процентиль: 10%
0.00036
Низкий

6.9 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2008-0217

ubuntu
почти 18 лет назад

The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.

debian логотип

CVE-2008-0217

debian
почти 18 лет назад

The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openp ...

github логотип

GHSA-cw47-m83w-8xg4

github
больше 3 лет назад

The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.

EPSS

Процентиль: 10%
0.00036
Низкий

6.9 Medium

CVSS2

Дефекты

CWE-264