Vulnerabilities > CVE-2000-0462 - Unspecified vulnerability in Netbsd 1.4.2

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

netbsd

NVD

Published: 2000-05-28

Updated: 2008-09-10

Summary

ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.

Vulnerable Configurations

Part	Description	Count
OS	Netbsd Netbsd Netbsd 1.4.2	4

References

ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-006.txt.asc
http://www.osvdb.org/1366
http://www.securityfocus.com/bid/1273