Vulnerabilities > CVE-2005-1430 - Unspecified vulnerability in Apple mac OS X and mac OS X Server

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
apple
nessus

Summary

Mac OS X 10.3.x and earlier uses insecure permissions for a pseudo terminal tty (pty) that is managed by a non-setuid program, which allows local users to read or modify sessions of other users.

Nessus

NASL familyMacOS X Local Security Checks
NASL idMACOSX_10_4.NASL
descriptionThe remote host is running a version of Mac OS X which is older than version 10.4. Versions older than 10.4 contain a security issue in the way they handle the permissions of pseudo terminals. When an application uses a new pseudo terminal, it can not restrict its permissions to a safe mode. As a result, every created pseudo terminal has permissions 0666 set, which allows a local attacker to sniff the session of other users.
last seen2020-06-01
modified2020-06-02
plugin id18352
published2005-05-20
reporterThis script is Copyright (C) 2005-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/18352
titleMac OS X < 10.4 pty Permission Weakness