CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2008-0216
https://notcve.org/view.php?id=CVE-2008-0216
16 Jan 2008 — The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty from another user. La función ptsname en FreeBSD 6.0 hasta el 7.0-PRERELEASE no verifica de forma adecuada que una cierta porción de un nombre de dispositivo está asociado con un pty de un usuario quien está llamando a la función, la cual podría permitir a us... • http://secunia.com/advisories/28498 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2008-0217
https://notcve.org/view.php?id=CVE-2008-0217
16 Jan 2008 — The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script. La secuencia de comandos en FreeBSD 5.0 hasta 7.0-PRERELEASE llama a openpty, el cual crea un pseudo-terminal con permisos: lectura-todos y escritura-todos cuando no está funcionando como root, lo cual permite a usuarios locales leer datos des... • http://secunia.com/advisories/28498 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2007-6150
https://notcve.org/view.php?id=CVE-2007-6150
30 Nov 2007 — The "internal state tracking" code for the random and urandom devices in FreeBSD 5.5, 6.1 through 6.3, and 7.0 beta 4 allows local users to obtain portions of previously-accessed random values, which could be leveraged to bypass protection mechanisms that rely on secrecy of those values. El código de "seguimiento del estado interno" para los dispositivos random y urandom de FreeBSD 5.5, 6.1 hasta 6.3, y 7.0 beta 4 permite a usuarios locales obtener parte de valores aleatorios que han sido accedidos previame... • http://osvdb.org/39600 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 2CVE-2005-4351
https://notcve.org/view.php?id=CVE-2005-4351
31 Dec 2005 — The securelevels implementation in FreeBSD 7.0 and earlier, OpenBSD up to 3.8, DragonFly up to 1.2, and Linux up to 2.6.15 allows root users to bypass immutable settings for files by mounting another filesystem that masks the immutable files while the system is running. • http://archives.neohapsis.com/archives/openbsd/2005-10/1523.html •