FreeBSD Jail() Devfs Ruleset Bypass Vulnerability

FreeBSD is prone to a vulnerability that may allow local attackers to gain access to restricted resources on a computer.

This issue allows local attackers to access hidden device nodes on devfs file systems from within a jail. The attacker can create sensitive device nodes in the jail with default access permissions.

A successful attack can lead to information disclosure and privilege escalation.


 

Privacy Statement
Copyright 2010, SecurityFocus