Description
The jail_attach system call in FreeBSD 5.1 and 5.2 changes the directory of a calling process even if the process doesn't have permission to change directory, which allows local users to gain read/write privileges to files and directories within another jail.
References (4)
Core 4
Core References
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9762
Patch, Vendor Advisory vendor-advisory
x_refsource_freebsd
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:03.jail.asc
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/4101
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15344
Scores
EPSS
0.0007
EPSS Percentile
20.9%
Details
Status
published
Products (3)
freebsd/freebsd
5.1 (2 CPE variants)
freebsd/freebsd
5.2
freebsd/freebsd
5.2.1 release
Published
Mar 29, 2004
Tracked Since
Feb 18, 2026