The script program in FreeBSD 5.0 up to and including 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 6.0 |
||
freebsd freebsd 6.1 |
||
freebsd freebsd 6.2 |
||
freebsd freebsd 7.0 |
||
freebsd freebsd 5.0 |
||
freebsd freebsd 5.5 |