FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6d334fdb-f7e7-11ea-88f8-901b0ef719abFreeBSD -- ftpd privilege escalation via ftpchroot feature

Problem Description:

A ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the file system restriction configured in ftpchroot(5). Moreover, the bug allows a malicious client to gain root privileges.

Impact:

A malicious FTP user can gain privileged access to an affected system.


Discovery 2020-09-15
Entry 2020-09-16
FreeBSD
ge 12.1 lt 12.1_10

ge 11.4 lt 11.4_4

ge 11.3 lt 11.3_14

CVE-2020-7468
SA-20:30.ftpd