PT-2009-2834 · Apple+1 · Xterm+2
Published
2009-02-13
·
Updated
2024-01-25
·
CVE-2009-0141
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
XTerm in Apple Mac OS X versions 10.4.11 through 10.5.6
Description
The issue allows local users to write to the XTerm of another user due to insecure world-writable permissions on tty devices created when XTerm is used with luit.
Recommendations
For XTerm in Apple Mac OS X versions 10.4.11 through 10.5.6, consider restricting access to the tty devices created by XTerm when used with luit to prevent unauthorized writing to another user's XTerm.
Fix
Incorrect Permission
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Macos X
Xterm
Luit