Main Vulnerability Database Vulnerabilities #VU46743

Security restrictions bypass in FreeBSD - CVE-2020-7468

Published: September 16, 2020

Vulnerability identifier: #VU46743

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-7468

CWE-ID: CWE-264

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: FreeBSD Foundation

Affected software:
FreeBSD

Detailed vulnerability description

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to an error in ftpd(8) sandbox implementation, combined with capabilities available to authenticated FTP users. A remote FTP user can bypass restrictions, configured with ftpchroot(5) and gain privileged access to the system.

Note, this vulnerability cannot be exploited by users with anonymous access to FTP server.

How to mitigate CVE-2020-7468

Install updates from vendor's website.

Sources

https://www.freebsd.org/security/advisories/FreeBSD-SA-20:30.ftpd.asc

Security restrictions bypass in FreeBSD - CVE-2020-7468

Detailed vulnerability description

How to mitigate CVE-2020-7468

Sources

Please verify you're human