Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2008-0217

The script program in FreeBSD 5.0 through 7.0-PRERELEASE invokes openpty, which creates a pseudo-terminal with world-readable and world-writable permissions when it is not run as root, which allows local users to read data from the terminal of the user running script.

  • Published: Jan 16, 2008
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-0217
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.9
  • AV:L/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
freebsd / freebsd 7.0-pre-release 7.0-pre-release.x
freebsd / freebsd 6.1 6.1.x
freebsd / freebsd 5.5 5.5.x
freebsd / freebsd 7.0 7.0.x
freebsd / freebsd 6.0 6.0.x
freebsd / freebsd 6.2 6.2.x
freebsd / freebsd 5.0 5.0.x