Computer Security
[EN] securityvulns.ru no-pyccku


FreeBSD jail rc.d symbolic links problem
Published:12.01.2007
Source:
SecurityVulns ID:7043
Type:local
Threat Level:
5/10
Description:Multiple conditions allow to write files begind jailed environment, as an example symbolic link /var/log/console.log.
Affected:FREEBSD : FreeBSD 6.0
 FREEBSD : FreeBSD 6.1
 FREEBSD : FreeBSD 5.5
 FREEBSD : FreeBSD 6.2
CVE:CVE-2007-0166 (The jail rc.d script in FreeBSD 5.3 up to 6.2 does not verify pathnames when writing to /var/log/console.log during a jail start-up, or when file systems are mounted or unmounted, which allows local root users to overwrite arbitrary files, or mount/unmount files, outside of the jail via a symlink attack.)
Original documentdocumentFREEBSD, FreeBSD Security Advisory FreeBSD-SA-07:01.jail (12.01.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod