SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   jailutils Vendors:   Nielsen, Nate
FreeBSD Jail Utilities (jailutils) May Disclose Environment Information to Local Users
SecurityTracker Alert ID:  1010652
SecurityTracker URL:  http://securitytracker.com/id/1010652
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 6 2004
Impact:   Disclosure of system information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 0.5.4
Description:   An information disclosure vulnerability was reported in the FreeBSD Jail Utilities (jailutils). A local user may be able to obtain system information.

OSVDB reported that the 'jail' command may disclose host environment information to local users. No further details were provided.

Impact:   A local user in a jail may be able to obtain information about the local environment.
Solution:   The report indicates that the vulnerability is corrected in version 0.6, available at:

http://memberwebs.com/nielsen/freebsd/jails/jailutils/
http://memberwebs.com/nielsen/freebsd/jails/jailutils/jailutils-0.6.tar.gz

Vendor URL:  memberwebs.com/nielsen/freebsd/jails/jailutils/ (Links to External Site)
Cause:   Access control error
Underlying OS:  UNIX (FreeBSD)

Message History:   None.


 Source Message Contents

Subject:  jailutils 0.5.4


OSVDB: 7460

jailutils 0.5.4

OSVDB reported a vulnerability in jailutils.  According to the report, the 'jail' command 
may disclose host environment information to local users.

The report indicates that the vulnerability is corrected in version 0.6, available at:

http://memberwebs.com/nielsen/freebsd/jails/jailutils/
http://memberwebs.com/nielsen/freebsd/jails/jailutils/jailutils-0.6.tar.gz






 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC