VYPR
Unrated severityNVD Advisory· Published Mar 29, 2004· Updated Jun 16, 2026

CVE-2004-0126

CVE-2004-0126

Description

The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail.

Affected products

5
  • FreeBSD/FreeBSD5 versions
    cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*+ 4 more
    • cpe:2.3:o:freebsd:freebsd:5.1:*:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:5.1:release:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:5.2:*:*:*:*:*:*:*
    • cpe:2.3:o:freebsd:freebsd:5.2.1:release:*:*:*:*:*:*
    • (no CPE)range: >= 5.1, < 5.3

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.