|
|
Info |
Last Modified |
| 4 months ago |
|
|
|
|
Description |
FreeBSD contains a flaw that allows a remote attacker to escape a chroot environment when the chroot is implemented over a Server Message Block File System (SMBFS). The issue is due to the SMBFS not properly sanitizing user input, specifically directory traversal style attacks (..\). This flaw may lead to a loss of integrity.
|
|
Classification |
Location:
Local Access Required,
Remote/Network Access Required
Attack Type:
Input Manipulation
Impact:
Loss of Integrity
Exploit:
Exploit Available
Disclosure:
OSVDB Verified
|
|
Solution |
Upgrade to version 4.11, 5.5 or 6.1 or higher, as it has been reported to fix this vulnerability. In addition, FreeBSD has released a patch for some older versions.
It is also possible to correct the flaw by implementing the following workaround: mount the SMBFS so that the chroot directory is on a mount point and not a subdirectory of a mount point.
|
|
Products |
|
FreeBSD
 |
5.0 |
4.3 |
4.4 |
4.5 |
4.6 |
4.7 |
4.8 |
4.9 |
5.2 |
4.10 |
5.1 |
5.2.1 |
5.3 |
5.4 |
4.11 |
4.6.2 |
6.0 |
5.5 |
6.1 |
|
|
|
|
|
BlogsProvided by Technorati
|
None found at this time
|
|
|
