Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2007-0166

The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify pathnames when writing to /var/log/console.log during a jail start-up, or when file systems are mounted or unmounted, which allows local root users to overwrite arbitrary files, or mount/unmount files, outside of the jail via a symlink attack.

  • Published: Jan 11, 2007
  • Updated: Apr 13, 2023
  • CVE: CVE-2007-0166
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.6
  • AV:L/AC:M/Au:S/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
freebsd / freebsd 5.3 5.3.x
freebsd / freebsd - 6.2.x