Detections
Analytics

FreeBSD : rxvt-unicode -- restore permissions on tty devices (c2fdb3bc-7d72-11da-b96e-000fb586ba73)

high Nessus Plugin ID 21508

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

A rxvt-unicode changelog reports :

SECURITY FIX: on systems using openpty, permissions were not correctly updated on the tty device and were left as world-readable and world-writable (likely in original rxvt, too), and were not restored properly. Affected are only systems where non-unix ptys were used (such as most BSDs). Found, patched and debugged by Ryan Beasley.

Solution

Update the affected package.

See Also

http://dist.schmorp.de/rxvt-unicode/Changes

http://www.nessus.org/u?ff847fc7

Plugin Details

Severity: High

ID: 21508

File Name: freebsd_pkg_c2fdb3bc7d7211dab96e000fb586ba73.nasl

Version: 1.12

Type: local

Published: 5/13/2006

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:rxvt-unicode, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/4/2006

Vulnerability Publication Date: 12/31/2005