CVSTrac chdir() chroot Jail Escape

2002-08-27T00:00:00
ID OSVDB:8643
Type osvdb
Reporter OSVDB
Modified 2002-08-27T00:00:00

Description

Vulnerability Description

CVSTrac contains a flaw related to the chdir() function that may allow an attacker to escape the chroot jail. No further details have been provided.

Solution Description

Upgrade to version 1.1.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

CVSTrac contains a flaw related to the chdir() function that may allow an attacker to escape the chroot jail. No further details have been provided.

References:

Vendor URL: http://www.cvstrac.org/ Vendor Specific Solution URL: http://www.cvstrac.org/cvstrac/chngview?cn=186 Vendor Specific Advisory URL