Vulnerability Development mailing list archives
Ncftpd < 2.6.2 allow users to change chrooted diretory
From: Thiago Madeira de Lima <jungle () STI COM BR>
Date: Tue, 25 Jul 2000 14:53:37 -0300
Found this bug 2 weeks ago and reported to the author. Now there's a new version that solves the problem. Everyone using ncftpd < 2.6.2 should upgrade to ncftpd 2.6.2. This bug only works if you use the same UID or GID for more than 1 user. Restricted users could access directory paths that were prefixed by the entire pathname of the home directory and if the user's UID/GID privileges allowed it. For example, a user bill with home directory /home/users/bill may have been able to access the directory /home/users/billybob if bill's privileges allowed it. Thiago Madeira Lima
Current thread:
- Re: Nokia WAP server. Security Team (Jul 24)
- Ncftpd < 2.6.2 allow users to change chrooted diretory Thiago Madeira de Lima (Jul 27)