Vulnerabilities > CVE-2004-0126 - Unspecified vulnerability in Freebsd 5.1/5.2/5.2.1
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 4 |
Nessus
| NASL family | FreeBSD Local Security Checks |
| NASL id | FREEBSD_JAILED_PROCESSES.NASL |
| description | The remote host is running a version of the FreeBSD kernel which contains a bug which may allow a jailed process to attach to another jail. An attacker compromised a jailed process on the remote host could exploit this flaw to switch to other jails on the system. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 12556 |
| published | 2004-07-06 |
| reporter | This script is Copyright (C) 2004-2010 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/12556 |
| title | FreeBSD : SA-04:03.jail |