Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-2654

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2006-2654
Last Modified 05 Sep 2008 05:05:05
Published 01 Jun 2006 09:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-2654

Summary

Directory traversal vulnerability in smbfs smbfs on FreeBSD 4.10 up to 6.1 allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\\" sequences. NOTE: this is similar to CVE-2006-1864, but this is a different implementation of smbfs, so it has a different CVE identifier.

Vulnerable Systems

Operating System

  • Freebsd 5.0

  • Freebsd 5.1

  • Freebsd 5.2

  • Freebsd 5.2.1

  • Freebsd 5.3

  • Freebsd 5.4

  • Freebsd 6.0


References

BID - 18202

FREEBSD - FreeBSD-SA-06:16

SECUNIA - 20390

XF - freebsd-smbfs-directory-traversal(26860)

OSVDB - 25851

SECTRACK - 1016194


Last Updated: 27 May 2016 10:42:42