The ptsname function in FreeBSD 6.0 through 7.0-PRERELEASE does not properly verify that a certain portion of a device name is associated with a pty of a user who is calling the pt_chown function, which might allow local users to read data from the pty from another user.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Freebsd | Freebsd | 6.0 (including) | 6.0 (including) |
| Freebsd | Freebsd | 6.0-release (including) | 6.0-release (including) |
| Freebsd | Freebsd | 6.0-stable (including) | 6.0-stable (including) |
| Freebsd | Freebsd | 6.1 (including) | 6.1 (including) |
| Freebsd | Freebsd | 6.1-release (including) | 6.1-release (including) |
| Freebsd | Freebsd | 6.1-release_p10 (including) | 6.1-release_p10 (including) |
| Freebsd | Freebsd | 6.1-stable (including) | 6.1-stable (including) |
| Freebsd | Freebsd | 6.2 (including) | 6.2 (including) |
| Freebsd | Freebsd | 6.2-stable (including) | 6.2-stable (including) |
| Freebsd | Freebsd | 6.3 (including) | 6.3 (including) |
| Freebsd | Freebsd | 7.0 (including) | 7.0 (including) |
| Freebsd | Freebsd | 7.0-current (including) | 7.0-current (including) |
| Freebsd | Freebsd | 7.0-pre-release (including) | 7.0-pre-release (including) |
| Kfreebsd-5 | Ubuntu | dapper | * |
| Kfreebsd-5 | Ubuntu | edgy | * |
| Kfreebsd-5 | Ubuntu | feisty | * |
| Kfreebsd-5 | Ubuntu | gutsy | * |
| Kfreebsd-5 | Ubuntu | hardy | * |
| Kfreebsd-5 | Ubuntu | intrepid | * |