FreeBSD: 3B7C7F6C-7102-11D8-873F-0020ED76EF5A
History: Feb 17, 2004 - 12:00 a.m.

wu-ftpd ftpaccess `restricted-uid'/`restricted-gid' directive may be bypassed

2004-02-17 00:00:00
vuxml.freebsd.org

CVSS2: 7.2 High
Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS: 0.0004 Low
Percentile: 9.4%

Glenn Stewart reports a bug in wu-ftpd's ftpaccess
`restricted-uid'/`restricted-gid' directives:

Users can get around the restriction to their home
directory by issuing a simple chmod command on their home
directory. On the next ftp log in, the user will have ‘/’
as their root directory.

Matt Zimmerman discovered that the cause of the bug was a
missing check for a restricted user within a code path that
is executed only when a certain error is encountered.

OS       OS Version  Architecture  Package       Package Version  Filename
FreeBSD  any         noarch        wu-ftpd       <= 2.6.2_3       UNKNOWN
FreeBSD  any         noarch        wu-ftpd+ipv6  <= 2.6.2_5       UNKNOWN
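
One way to check a package inventory against the affected ranges in the table above. This is an added example, not part of the advisory or of FreeBSD's tooling. The function names and sample inventory are constructed, and the comparison is a simplified reading of FreeBSD's `upstream[_PORTREVISION][,PORTEPOCH]` version format that assumes dotted numeric versions with optional letter suffixes.

```python
import re

# Affected ceilings (inclusive) copied from the advisory's package table.
AFFECTED = {
    "wu-ftpd": "2.6.2_3",
    "wu-ftpd+ipv6": "2.6.2_5",
}

def parse_version(version):
    """Split 'upstream[_PORTREVISION][,PORTEPOCH]' into a sortable key."""
    version, _, epoch = version.partition(",")
    upstream, _, revision = version.partition("_")
    parts = []
    for token in re.findall(r"\d+|[A-Za-z]+", upstream):
        # Numbers compare numerically, letters lexically; the leading tag
        # keeps mixed comparisons well defined (numbers sort after letters).
        parts.append((1, int(token), "") if token.isdigit() else (0, 0, token))
    # Epoch dominates, then the upstream version, then the port revision.
    return (int(epoch or 0), tuple(parts), int(revision or 0))

def split_package(pkg):
    """'wu-ftpd+ipv6-2.6.2_5' -> ('wu-ftpd+ipv6', '2.6.2_5')."""
    name, _, version = pkg.strip().rpartition("-")
    return name, version

def is_affected(pkg):
    name, version = split_package(pkg)
    ceiling = AFFECTED.get(name)
    return ceiling is not None and parse_version(version) <= parse_version(ceiling)

def audit(installed):
    """Return the installed name-version strings that fall in an affected range."""
    return [p for p in installed if is_affected(p)]

# Constructed sample inventory of name-version strings.
SAMPLE = [
    "wu-ftpd-2.6.2_3",        # at the ceiling: affected
    "wu-ftpd-2.6.2_4",        # newer port revision: not affected
    "wu-ftpd+ipv6-2.6.2_5",   # at the ceiling: affected
    "wu-ftpd+ipv6-2.6.2_6",   # newer port revision: not affected
    "wu-ftpd-2.6.1",          # older upstream: affected
    "wu-ftpd-2.6.2_1,1",      # epoch bump outranks the ceiling: not affected
    "openssh-portable-3.7.1", # unrelated package
]

if __name__ == "__main__":
    for pkg in audit(SAMPLE):
        print("affected:", pkg)
```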
