Severity: Unknown
Affected Package: nsdispatch
Summary: nsdispatch unaware of chroot can reload files outside the jail
The nsdispatch(3) name-service dispatcher is not aware that it is operating inside a chroot, and certain operations can cause files to be (re)loaded from outside the chrooted environment. This creates a security hole in chroot-using services such as ftpd, contributing to the chroot escape/privilege escalation. No CVE was assigned by FreeBSD for this advisory.
No specific recommendations provided.
Aliases:
Published: December 23, 2011
Last Modified: December 23, 2011