| Reporter | Title | Published | Views | Family All 9 |
|---|---|---|---|---|
| smbfs -- chroot escape | 31 May 200600:00 | – | freebsd | |
| CVE-2006-2654 | 2 Jun 200601:00 | – | cve | |
| CVE-2006-2654 | 2 Jun 200601:00 | – | cvelist | |
| EUVD-2006-2653 | 7 Oct 202500:30 | – | euvd | |
| FreeBSD-SA-06:16.smbfs | 31 May 200600:00 | – | freebsd_advisory | |
| CVE-2006-2654 | 2 Jun 200601:02 | – | nvd | |
| FreeBSD Security Advisory (FreeBSD-SA-06:16.smbfs.asc) | 4 Sep 200800:00 | – | openvas | |
| Directory traversal | 2 Jun 200601:02 | – | prion | |
| FreeBSD Security Advisory FreeBSD-SA-06:16.smbfs | 2 Jun 200600:00 | – | securityvulns |
| Source | Link |
|---|---|
| secure1 | www.secure1.securityspace.com/smysecure/catid.html |
# SPDX-FileCopyrightText: 2008 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.56852");
script_version("2023-07-26T05:05:09+0000");
script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
script_tag(name:"creation_date", value:"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)");
script_cve_id("CVE-2006-2654");
script_tag(name:"cvss_base", value:"6.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:N");
script_name("FreeBSD Security Advisory (FreeBSD-SA-06:16.smbfs.asc)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2008 E-Soft Inc.");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdpatchlevel");
script_tag(name:"insight", value:"smbfs is a network file-system used to access file servers using the
SMB/CIFS protocol. chroot(2) is system call designed to limit a
process's access to a particular subset of a file-system.
smbfs does not properly sanitize paths containing a backslash
character. In particular the directory name '..\' is interpreted as
the parent directory by the SMB/CIFS server, but smbfs handles it in
the same manner as any other directory.");
script_tag(name:"solution", value:"Upgrade your system to the appropriate stable release
or security branch dated after the correction date.");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-06:16.smbfs.asc");
script_tag(name:"summary", value:"The remote host is missing an update to the system
as announced in the referenced advisory FreeBSD-SA-06:16.smbfs.asc");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-bsd.inc");
vuln = FALSE;
if(patchlevelcmp(rel:"6.1", patchlevel:"1")<0) {
vuln = TRUE;
}
if(patchlevelcmp(rel:"6.0", patchlevel:"8")<0) {
vuln = TRUE;
}
if(patchlevelcmp(rel:"5.5", patchlevel:"1")<0) {
vuln = TRUE;
}
if(patchlevelcmp(rel:"5.4", patchlevel:"15")<0) {
vuln = TRUE;
}
if(patchlevelcmp(rel:"5.3", patchlevel:"30")<0) {
vuln = TRUE;
}
if(patchlevelcmp(rel:"4.11", patchlevel:"18")<0) {
vuln = TRUE;
}
if(patchlevelcmp(rel:"4.10", patchlevel:"24")<0) {
vuln = TRUE;
}
if(vuln) {
security_message(port:0);
} else if (__pkg_match) {
exit(99);
}Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation