CVE-2009-4358

Name of the Vulnerable Software and Affected Versions FreeBSD versions 8.0, 7.2, 7.1, 6.4, and 6.3

Description The issue concerns insecure permissions in the working directory of freebsd-update, allowing local users to read copies of sensitive files after certain operations. Specifically, this occurs after a freebsd-update fetch or freebsd-update upgrade operation.

Recommendations For versions 8.0, 7.2, 7.1, 6.4, and 6.3, consider changing the permissions of the /var/db/freebsd-update directory to secure it and prevent unauthorized access. As a temporary workaround, restrict access to the freebsd-update utility until a fix is applied. Avoid using the freebsd-update fetch and upgrade operations in sensitive environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.