CVE-2004-0126 in FreeBSDinfo

Summary

The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn t have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Disclosure

03/29/2004

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-269

CVSS

8.6

EPSS

0.00068

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2004-0126
NVD	https://nvd.nist.gov/vuln/detail/CVE-2004-0126
CVE Details	https://www.cvedetails.com/cve/CVE-2004-0126/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!