Vulnerabilities > CVE-2006-2654 - Unspecified vulnerability in Freebsd

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

freebsd

NVD

Published: 2006-06-02

Updated: 2017-07-20

Summary

Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. NOTE: this is similar to CVE-2006-1864, but this is a different implementation of smbfs, so it has a different CVE identifier.

Vulnerable Configurations

Part	Description	Count
OS	Freebsd Freebsd Freebsd 5.0 Freebsd Freebsd 5.1 Freebsd Freebsd 5.2 Freebsd Freebsd 5.2.1 Freebsd Freebsd 5.3 Freebsd Freebsd 5.4 Freebsd Freebsd 6.0	27

References

http://secunia.com/advisories/20390
http://security.freebsd.org/advisories/FreeBSD-SA-06:16.smbfs.asc
http://securitytracker.com/id?1016194
http://www.osvdb.org/25851
http://www.securityfocus.com/bid/18202
https://exchange.xforce.ibmcloud.com/vulnerabilities/26860