FreeBSD Local Security Checks : FreeBSD Security Advisory (FreeBSD-SA-08:01.pty.asc)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.60188

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Security Advisory (FreeBSD-SA-08:01.pty.asc)

Resumen: The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-08:01.pty.asc

Descripción: Summary:
The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-08:01.pty.asc

Vulnerability Insight:
pt_chown is a setuid root support utility used by grantpt(3) to change
ownership of a tty.

openpty(3) is a support function in libutil which is used to obtain a
pseudo-terminal.

script(1) is a utility which makes a typescript of everything printed
on a terminal.

Two issues exist in the FreeBSD pty handling.

If openpty(3) is called as non-root user the newly created
pseudo-terminal is world readable and writeable. While this is
documented to be the case, script(1) still uses openpty(3) and
script(1) may be used by non-root users [CVE-2008-0217].

The ptsname(3) function incorrectly extracts two characters from the
name of a device node in /dev without verifying that it's actually
operating on a valid pty which the calling user owns. pt_chown uses
the bad result from ptsname(3) to change ownership of a pty to the
user calling pt_chown [CVE-2008-0216].

Solution:
Upgrade your system to the appropriate stable release
or security branch dated after the correction date.

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-0216
BugTraq ID: 27284
http://www.securityfocus.com/bid/27284
FreeBSD Security Advisory: FreeBSD-SA-08:01
http://security.FreeBSD.org/advisories/FreeBSD-SA-08:01.pty.asc
http://www.securitytracker.com/id?1019191
http://secunia.com/advisories/28498
XForce ISS Database: freebsd-ptsname-information-disclosure(39667)
https://exchange.xforce.ibmcloud.com/vulnerabilities/39667

Copyright Copyright (C) 2008 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.60188
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Security Advisory (FreeBSD-SA-08:01.pty.asc)
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-08:01.pty.asc
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-08:01.pty.asc Vulnerability Insight: pt_chown is a setuid root support utility used by grantpt(3) to change ownership of a tty. openpty(3) is a support function in libutil which is used to obtain a pseudo-terminal. script(1) is a utility which makes a typescript of everything printed on a terminal. Two issues exist in the FreeBSD pty handling. If openpty(3) is called as non-root user the newly created pseudo-terminal is world readable and writeable. While this is documented to be the case, script(1) still uses openpty(3) and script(1) may be used by non-root users [CVE-2008-0217]. The ptsname(3) function incorrectly extracts two characters from the name of a device node in /dev without verifying that it's actually operating on a valid pty which the calling user owns. pt_chown uses the bad result from ptsname(3) to change ownership of a pty to the user calling pt_chown [CVE-2008-0216]. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-0216 BugTraq ID: 27284 http://www.securityfocus.com/bid/27284 FreeBSD Security Advisory: FreeBSD-SA-08:01 http://security.FreeBSD.org/advisories/FreeBSD-SA-08:01.pty.asc http://www.securitytracker.com/id?1019191 http://secunia.com/advisories/28498 XForce ISS Database: freebsd-ptsname-information-disclosure(39667) https://exchange.xforce.ibmcloud.com/vulnerabilities/39667
Copyright	Copyright (C) 2008 E-Soft Inc.