Total vulnerabilities in the database
freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade) operation.
| Software | From | Fixed in |
|---|---|---|
| freebsd / freebsd | 6.4 | 6.4.x |
| freebsd / freebsd | 6.3 | 6.3.x |
| freebsd / freebsd | 8.0 | 8.0.x |
| freebsd / freebsd | 7.1 | 7.1.x |
| freebsd / freebsd | 7.2 | 7.2.x |