OSVDB ID: 25067 Title: Linux Kernel SMBFS SMB Mount Traversal chroot Restriction Bypass |
Info |
|
|
Dates |
||||
|
|
Description |
The Linux Kernel contains a flaw that may allow a malicious user to escape a chroot environment. The issue is triggered when a user attempts to change to a working directory outside a chroot environment in a SMBFS file system using a double backslash, e.g. 'cd ..\\'. It is possible that the flaw may allow unauthorised access to file system resources, resulting in a loss of confidentiality and/or integrity. |
Classification |
Location:
Local Access Required
Attack Type: Input Manipulation Impact: Loss of Confidentiality, Loss of Integrity Exploit: Exploit Public Disclosure: OSVDB Verified, Vendor Verified |
Solution |
Upgrade to version 2.4.33, 2.6.16.11 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. |
Products |
|
Credit |
|