首页
社区
课程
招聘
[转帖]CVE-2020-7468: TURNING IMPRISONMENT TO ADVANTAGE IN THE FREEBSD FTPD CHROOT JAIL
发表于: 2020-12-22 12:31 2164

[转帖]CVE-2020-7468: TURNING IMPRISONMENT TO ADVANTAGE IN THE FREEBSD FTPD CHROOT JAIL

2020-12-22 12:31
2164

CVE-2020-7468: TURNING IMPRISONMENT TO ADVANTAGE IN THE FREEBSD FTPD CHROOT JAIL

December 21, 2020 | Lucas Leong

In July, we received a local privilege escalation bug in FreeBSD from an anonymous researcher. The target is the file transfer protocol daemon (ftpd) that ships as part of FreeBSD. It provides a feature, ftpchroot, that is designed to restrict the file system access of authenticated users. The feature is implemented using the “chroot” system call, a security technique commonly known as a “chroot jail”. A chroot jail functions by confining a process to a restricted portion of the filesystem. By exploiting a vulnerability in the implementation, though, an attacker can actually use this imprisoned state to gain an enormous advantage, escalating their privileges from a restricted FTP account to `root`. This allows the attacker to execute arbitrary code on the system. This vulnerability was present in the FreeBSD FTP daemon for a long time. It can be tracked back to FreeBSD 6.3-Release. The bug is assigned as CVE-2020-7468/ZDI-20-1431 and the patch was released in September.

https://www.zerodayinitiative.com/blog/2020/12/21/cve-2020-7468-turning-imprisonment-to-advantage-in-the-freebsd-ftpd-chroot-jail



[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)

收藏
免费 2
支持
分享
最新回复 (1)
雪    币: 7121
活跃值: (125793)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
2
非常感谢林大分享
2020-12-23 20:59
0
游客
登录 | 注册 方可回帖
返回
//