// For flags

CVE-2004-0099

 

Severity Score

4.6
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

mksnap_ffs in FreeBSD 5.1 and 5.2 only sets the snapshot flag when creating a snapshot for a file system, which causes default values for other flags to be used, possibly disabling security-critical settings and allowing a local user to bypass intended access restrictions.

mksnap_ffs en FeeBSD 5.1 y 5.2 sólo establece el marcador (flag) de instantánea (snapshot) cuando crea una instantánea de un sistema de ficheros , lo que hace que se usen valores por defecto para otros marcadores, lo que posiblemente desabilite configuraciones de seguridad críticas y permita a un usuario local saltarse restricciones de acceso pretendidas.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2004-01-29 CVE Reserved
  • 2004-02-01 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-08 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Freebsd
Search vendor "Freebsd"
 Freebsd
Search vendor "Freebsd" for product "Freebsd"
 5.1
Search vendor "Freebsd" for product "Freebsd" and version "5.1"
release
Affected
Freebsd
Search vendor "Freebsd"
 Freebsd
Search vendor "Freebsd" for product "Freebsd"
 5.2.1
Search vendor "Freebsd" for product "Freebsd" and version "5.2.1"
release
Affected