Vulnerabilities > CVE-2001-0378 - Information Disclosure vulnerability in OpenBSD

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

openbsd

NVD

Published: 2001-06-27

Updated: 2017-10-10

Summary

readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files.

Vulnerable Configurations

Part	Description	Count
OS	Openbsd Openbsd Openbsd - Openbsd Openbsd 2.0 Openbsd Openbsd 2.1 Openbsd Openbsd 2.2 Openbsd Openbsd 2.3 Openbsd Openbsd 2.4 Openbsd Openbsd 2.5 Openbsd Openbsd 2.6 Openbsd Openbsd 2.7 Openbsd Openbsd 2.8	10

References

ftp://ftp.openbsd.org/pub/OpenBSD/patches/2.8/common/024_readline.patch
http://www.osvdb.org/5680
https://exchange.xforce.ibmcloud.com/vulnerabilities/6586