Vulnerabilities > CVE-2001-1145 - Directory Traversal Race Condition vulnerability in Multiple BSD FTS

047910
CVSS 6.2 - MEDIUM
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
high complexity
freebsd
netbsd
openbsd

Summary

fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories.