FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

FreeBSD -- ftpd privilege escalation via ftpchroot feature

Affected packages
12.1 <= FreeBSD < 12.1_10
11.4 <= FreeBSD < 11.4_4
11.3 <= FreeBSD < 11.3_14

Details

VuXML ID: 6d334fdb-f7e7-11ea-88f8-901b0ef719ab
Discovery: 2020-09-15
Entry: 2020-09-16

Problem Description:

An ftpd(8) bug in the implementation of the file system sandbox, combined with capabilities available to an authenticated FTP user, can be used to escape the file system restriction configured in ftpchroot(5). Moreover, the bug allows a malicious client to gain root privileges.

Impact:

A malicious FTP user can gain privileged access to an affected system.

References

CVE Name: CVE-2020-7468
FreeBSD Advisory: SA-20:30.ftpd