CVE-2010-2022 | Date: (C)2010-05-28 (M)2023-12-22 |
jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations.
CVSS Score and Metrics +CVSS Score and Metrics -CVSS V2 Severity: |
CVSS Score : 3.3 |
Exploit Score: 3.4 |
Impact Score: 4.9 |
|
CVSS V2 Metrics: |
Access Vector: LOCAL |
Access Complexity: MEDIUM |
Authentication: NONE |
Confidentiality: PARTIAL |
Integrity: PARTIAL |
Availability: NONE |
| |