CVE-2008-0217

Name of the Vulnerable Software and Affected Versions FreeBSD versions 5.0 through 7.0-PRERELEASE

Description The issue allows local users to read data from the terminal of the user running the script program due to the creation of a pseudo-terminal with world-readable and world-writable permissions when the script is not run as root.

Recommendations For FreeBSD versions 5.0 through 7.0-PRERELEASE, consider running the script program as root to avoid the creation of pseudo-terminals with insecure permissions, or apply configuration changes to restrict access to the pseudo-terminals created by the script program.