Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade) operation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
FreeBSD freebsd-update工具不安全目录权限漏洞
Vulnerability Description
FreeBSD是一种类UNIX操作系统,是由经过BSD、386BSD和4.4BSD发展而来的Unix的一个重要分支。 FreeBSD freebsd-update工具存在不安全目录权限漏洞。由于freebsd-update在它的工作目录(默认的/var/db/freebsd-update)中使用不安全许可,攻击者可以借助一个(1) freebsd-update fetch (fetch)或(2) freebsd-update upgrade (upgrade)操作,导致读取敏感文件的复本。
CVSS Information
N/A
Vulnerability Type
N/A