CVE-2002-1669

Name of the Vulnerable Software and Affected Versions FreeBSD versions 4.2 through 4.4

Description The issue allows local users to potentially modify world-writable parts of a package during installation due to the creation of a temporary directory with world-searchable permissions by pkg add.

Recommendations For FreeBSD versions 4.2 through 4.4, consider restricting access to the temporary directory created by pkg add to prevent local users from modifying package contents during installation. As a temporary workaround, ensure that the installation process is closely monitored and that packages are installed from trusted sources to minimize the risk of exploitation.