Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2004-0126

The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail.

  • Published: Mar 29, 2004
  • Updated: Apr 13, 2023
  • CVE: CVE-2004-0126
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4.6
  • AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
freebsd / freebsd 5.1-release 5.1-release.x
freebsd / freebsd 5.1 5.1.x
freebsd / freebsd 5.2 5.2.x
freebsd / freebsd 5.2.1-release 5.2.1-release.x