
Test ID: 1.3.6.1.4.1.25623.1.0.60188
Category: FreeBSD Local Security Checks
Title: FreeBSD Security Advisory (FreeBSD-SA-08:01.pty.asc)
Summary: The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-08:01.pty.asc
Description:
Summary:
The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-08:01.pty.asc

Vulnerability Insight:
pt_chown is a setuid root support utility used by grantpt(3) to change
ownership of a tty.

openpty(3) is a support function in libutil which is used to obtain a
pseudo-terminal.

script(1) is a utility which makes a typescript of everything printed
on a terminal.

Two issues exist in the FreeBSD pty handling.

If openpty(3) is called as a non-root user, the newly created
pseudo-terminal is world readable and writeable. While this is
documented to be the case, script(1) still uses openpty(3) and
script(1) may be used by non-root users [CVE-2008-0217].

The ptsname(3) function incorrectly extracts two characters from the
name of a device node in /dev without verifying that it's actually
operating on a valid pty which the calling user owns. pt_chown uses
the bad result from ptsname(3) to change ownership of a pty to the
user calling pt_chown [CVE-2008-0216].

Solution:
Upgrade your system to the appropriate stable release
or security branch dated after the correction date.

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2008-0216
BugTraq ID: 27284
http://www.securityfocus.com/bid/27284
FreeBSD Security Advisory: FreeBSD-SA-08:01
http://security.FreeBSD.org/advisories/FreeBSD-SA-08:01.pty.asc
http://www.securitytracker.com/id?1019191
http://secunia.com/advisories/28498
XForce ISS Database: freebsd-ptsname-information-disclosure(39667)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39667
Copyright: Copyright (C) 2008 E-Soft Inc.
