Severity: Unknown
Affected Package: ftpd
Summary: Privilege escalation in chrooted ftpd
When ftpd is configured to place a user in a chroot(2) environment, an attacker who can log in as that user may be able to run arbitrary code with root privileges. The issue stems from the interaction between chroot and services that later reload configuration/library files. No CVE was assigned by FreeBSD for this advisory.
No specific recommendations provided.
Aliases:
Published: December 23, 2011
Last Modified: December 23, 2011