CVE Catalog

CVE-2000-0462

Low
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.37%

29th percentile — higher than 29% of all known CVEs

Summary

The ftpd function in NetBSD 1.4.2 improperly parses entries in /etc/ftpchroot, preventing chroot from being applied to specified users. As a result, users can access files outside of their home directory.

Risk Assessment

The lack of proper access restrictions may lead to the exposure of sensitive data and compromise the integrity of the system. Users may manipulate files they should not have access to.

Recommendation

It is recommended to update the system to a newer version that fixes the parsing of configuration files and ensures proper chroot functionality. Additionally, verify user configurations and permissions.

Original NVD description (English source)

ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS