The sendfile system call in FreeBSD 5.5 up to and including 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
freebsd freebsd 7.0 |
||
freebsd freebsd 6.2 |
||
freebsd freebsd 5.5 |
||
freebsd freebsd 6.3 |