Vulnerability Description
rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows local users to gain read and write access to the devices.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rxvt-Unicode | Rxvt-Unicode | <= 6.2 |
References
- http://dist.schmorp.de/rxvt-unicode/Changes
- http://secunia.com/advisories/18301PatchVendor Advisory
- http://www.osvdb.org/22223Patch
- http://www.vupen.com/english/advisories/2006/0052
- http://dist.schmorp.de/rxvt-unicode/Changes
- http://secunia.com/advisories/18301PatchVendor Advisory
- http://www.osvdb.org/22223Patch
- http://www.vupen.com/english/advisories/2006/0052
FAQ
What is CVE-2006-0126?
CVE-2006-0126 is a vulnerability with a CVSS score of 4.6 (MEDIUM). rxvt-unicode before 6.3, on certain platforms that use openpty and non-Unix pty devices such as Linux and most BSD platforms, does not maintain the intended permissions of tty devices, which allows lo...
How severe is CVE-2006-0126?
CVE-2006-0126 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-0126?
Check the references section above for vendor advisories and patch information. Affected products include: Rxvt-Unicode Rxvt-Unicode.