FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jailed processes can manipulate host routing tables

Affected systems
4.9 <= FreeBSD < 4.9_10
4.8 <= FreeBSD < 4.8_23

Details

VuXML ID fb5e227e-b8c6-11d8-b88c-000d610a3b12
Discovery 2004-02-03
Entry 2004-06-07

A programming error resulted in a failure to verify that an attempt to manipulate routing tables originated from a non-jailed process.

Jailed processes running with superuser privileges could modify host routing tables. This could result in a variety of consequences, including packets being sent via an incorrect network interface and packets being discarded entirely.

References

CVE Name CVE-2004-0125
FreeBSD Advisory SA-04:12.jailroute