FreeBSD : SA-04:03.jail

medium Nessus Plugin ID 12556

Synopsis

The remote device is missing a vendor-supplied security patch

Description

The remote host is running a version of the FreeBSD kernel which contains a bug which may allow a jailed process to attach to another jail.

An attacker compromised a jailed process on the remote host could exploit this flaw to switch to other jails on the system.

Solution

http://www.vuxml.org/freebsd/9082a85a-88ae-11d8-90d1-0020ed76ef5a.html

Plugin Details

Severity: Medium

ID: 12556

File Name: freebsd_jailed_processes.nasl

Version: Revision: 1.13

Family: FreeBSD Local Security Checks

Published: 7/6/2004

Updated: 10/6/2010

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.3

CVSS v2

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 3.4

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Required KB Items: Host/FreeBSD/pkg_info

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2004-0126

BID: 9762

Detections

Analytics