4.7

CVE-2009-4358

freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade) operation.

Data is provided by the National Vulnerability Database (NVD)
FreebsdFreebsd Version6.3
FreebsdFreebsd Version6.4
FreebsdFreebsd Version7.1
FreebsdFreebsd Version7.2
FreebsdFreebsd Version8.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.05% 0.108
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 4.7 3.4 6.9
AV:L/AC:M/Au:N/C:C/I:N/A:N