Vulnerabilities > CVE-2005-0118 - Local Security vulnerability in Helvis
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
helvis 1.8h2_1 and earlier stores recovery files in world readable directories with world readable permissions, which allows local users to read the recovered files of other users.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
| NASL family | FreeBSD Local Security Checks |
| NASL id | FREEBSD_PKG_BB99F8035FDE11D9B72100065BE4B5B6.NASL |
| description | Once a recovery file has been preserved by the setuid root elvprsv utility it is placed in a worldreadable directory with worldreadable permissions. This possibly allows sensitive information to leak. In addition to this information leak, it is possible for users to recover files that belong to other users by using elvrec, another setuid root binary. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 19099 |
| published | 2005-07-13 |
| reporter | This script is Copyright (C) 2005-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/19099 |
| title | FreeBSD : helvis -- information leak vulnerabilities (bb99f803-5fde-11d9-b721-00065be4b5b6) |