FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

helvis -- information leak vulnerabilities

Affected packages
ko-helvis <= 1.8h2_1
helvis <= 1.8h2_1

Details

VuXML ID bb99f803-5fde-11d9-b721-00065be4b5b6
Discovery 2004-11-24
Entry 2005-01-10
Modified 2005-01-19

Once a recovery file has been preserved by the setuid root elvprsv utility it is placed in a worldreadable directory with worldreadable permissions. This possibly allows sensitive information to leak.

In addition to this information leak, it is possible for users to recover files that belong to other users by using elvrec, another setuid root binary.

References

CVE Name CVE-2005-0118
CVE Name CVE-2005-0119
URL http://people.freebsd.org/~niels/ports/korean/helvis/issues.txt