PT-2004-1299 · Freebsd · Freebsd
Published 2004-03-03 · Updated 2017-10-10 · CVE-2004-0099
CVSS v2.0: 4.6 Medium
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
FreeBSD versions 5.1 through 5.2
Description
The issue concerns the mksnap_ffs function in FreeBSD, which only sets the snapshot flag when creating a snapshot for a file system. This causes default values for other flags to be used, possibly disabling security-critical settings. As a result, a local user may be able to bypass intended access restrictions.
Recommendations
For FreeBSD versions 5.1 through 5.2, consider manually configuring the necessary flags to ensure security-critical settings are enabled, as the default values may not provide the intended level of security.
Fix
Related Identifiers
Affected Products
Freebsd