CVE-2000-0462
NetBSD 1.4.2 - Unauthenticated Directory Traversal via /etc/ftpchroot Misparsing
Title source: llmDescription
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/1366
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/1273
Vendor Advisory vendor-advisory
x_refsource_netbsd
ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-006.txt.asc
Scores
EPSS
0.0014
EPSS Percentile
33.7%
Details
Status
published
Products (1)
netbsd/netbsd
1.4.2 (4 CPE variants)
Published
May 28, 2000
Tracked Since
Feb 18, 2026