FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6d334fdb-f7e7-11ea-88f8-901b0ef719abFreeBSD -- ftpd privilege escalation via ftpchroot feature

Problem Description:

A ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the file system restriction configured in ftpchroot(5). Moreover, the bug allows a malicious client to gain root privileges.

Impact:

A malicious FTP user can gain privileged access to an affected system.


Discovery 2020-09-15
Entry 2020-09-16
FreeBSD
ge 12.1 lt 12.1_10

ge 11.4 lt 11.4_4

ge 11.3 lt 11.3_14

CVE-2020-7468
SA-20:30.ftpd