The ptsname function in FreeBSD 6.0 up to and including 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty from another user.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 6.1 |
||
freebsd freebsd 7.0 |
||
freebsd freebsd 6.0 |
||
freebsd freebsd 6.2 |
||
freebsd freebsd 6.3 |