Description
The jail system call in FreeBSD 4.x before 4.10-RELEASE does not verify that an attempt to manipulate routing tables originated from a non-jailed process, which could allow local users to modify the routing table.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16342
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/10485
Various Sources vendor-advisory
x_refsource_freebsd
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:12.jailroute.asc
Scores
EPSS
0.0005
EPSS Percentile
15.6%
Details
Status
published
Products (13)
freebsd/freebsd
4.0 (3 CPE variants)
freebsd/freebsd
4.1
freebsd/freebsd
4.1.1 (3 CPE variants)
freebsd/freebsd
4.2 (2 CPE variants)
freebsd/freebsd
4.3 (5 CPE variants)
freebsd/freebsd
4.4 (4 CPE variants)
freebsd/freebsd
4.5 (5 CPE variants)
freebsd/freebsd
4.6 (5 CPE variants)
freebsd/freebsd
4.6.2
freebsd/freebsd
4.7 (5 CPE variants)
... and 3 more
Published
Aug 06, 2004
Tracked Since
Feb 18, 2026