FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

proftpd -- user chroot escape vulnerability

Affected packages
proftpd < 1.3.5e

Details

VuXML ID 770d7e91-72af-11e7-998a-08606e47f965
Discovery 2017-03-06
Entry 2017-07-27

NVD reports:

ProFTPD ... controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component (other than the last one) with a symbolic link.
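The gap between checking only the last path component and checking every component can be shown with `lstat()`. This is an added example, not ProFTPD's code or its fix; the function names and the temporary sample tree are constructed for illustration.

```c
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak check described in the advisory: only the final component is examined. */
static int last_component_is_symlink(const char *path) {
    struct stat st;
    return lstat(path, &st) == 0 && S_ISLNK(st.st_mode);
}

/* Stricter check: lstat() every prefix. 1 = symlink found, 0 = none, -1 = error. */
static int any_component_is_symlink(const char *path) {
    char buf[PATH_MAX];
    struct stat st;
    size_t len = strlen(path);
    if (path[0] != '/' || len >= sizeof buf) return -1;  /* absolute paths only */
    memcpy(buf, path, len + 1);
    for (size_t i = 1; i <= len; i++) {
        if ((buf[i] != '/' && buf[i] != '\0') || buf[i - 1] == '/') continue;
        buf[i] = '\0';                 /* cut the path at this component */
        int rc = lstat(buf, &st);
        buf[i] = path[i];              /* restore the separator */
        if (rc != 0 || S_ISLNK(st.st_mode)) return rc != 0 ? -1 : 1;
    }
    return 0;
}

/* Constructed sample: <base>/real/user is a directory, <base>/home -> real. */
static int build_sample(char *out, size_t n) {
    char tmpl[] = "/tmp/vuxml-demo-XXXXXX", base[PATH_MAX], p[PATH_MAX + 16];
    if (!mkdtemp(tmpl) || !realpath(tmpl, base)) return -1;
    snprintf(p, sizeof p, "%s/real", base);
    if (mkdir(p, 0700) != 0) return -1;
    snprintf(p, sizeof p, "%s/real/user", base);
    if (mkdir(p, 0700) != 0) return -1;
    snprintf(p, sizeof p, "%s/home", base);
    if (symlink("real", p) != 0) return -1;
    return snprintf(out, n, "%s/home/user", base) < (int)n ? 0 : -1;
}

int main(void) {
    char path[PATH_MAX + 16];
    if (build_sample(path, sizeof path) != 0) return 1;
    printf("last-only: %d, all: %d\n", last_component_is_symlink(path), any_component_is_symlink(path));
    return 0;
}
```

A walk like this is still a check-then-use test: a local user who can modify a parent directory may change the tree between the check and the later chroot.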

References

CVE Name CVE-2017-7418
URL http://bugs.proftpd.org/show_bug.cgi?id=4295