CVE-2000-0462
LowExploitation Probability (EPSS)
Low risk29th percentile — higher than 29% of all known CVEs
Summary
The ftpd function in NetBSD 1.4.2 improperly parses entries in /etc/ftpchroot, preventing chroot from being applied to specified users. As a result, users can access files outside of their home directory.
Risk Assessment
The lack of proper access restrictions may lead to the exposure of sensitive data and compromise the integrity of the system. Users may manipulate files they should not have access to.
Recommendation
It is recommended to update the system to a newer version that fixes the parsing of configuration files and ensures proper chroot functionality. Additionally, verify user configurations and permissions.
Original NVD description (English source)
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.

