4 matches found
CVE-2010-2022
jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations...
Code injection
jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations...
CVE-2010-2022
The CVE-2010-2022 issue affects FreeBSD jail(8) in FreeBSD 8.0 and 8.1-PRERELEASE. If the jail is started without the -l -U root options, jail(8) may fail to chdir to a restricted directory, allowing local users to access the current working directory and potentially read, modify, or create arbit...
CVE-2010-1938
Off-by-one error in the opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earlier, as used on FreeBSD 6.4 through 8.1-PRERELEASE and other platforms, allows remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a long username, as...