|Category:||FreeBSD Local Security Checks|
|Title:||FreeBSD Security Advisory (FreeBSD-SA-06:16.smbfs.asc)|
|Summary:||FreeBSD Security Advisory (FreeBSD-SA-06:16.smbfs.asc)|
|Description:||The remote host is missing an update to the system|
as announced in the referenced advisory FreeBSD-SA-06:16.smbfs.asc
smbfs is a network file-system used to access file servers using the
SMB/CIFS protocol. chroot(2) is system call designed to limit a
process's access to a particular subset of a file-system.
smbfs does not properly sanitize paths containing a backslash
in particular the directory name '..\' is interpreted as
the parent directory by the SMB/CIFS server, but smbfs handles it in
the same manner as any other directory.
Upgrade your system to the appropriate stable release
or security branch dated after the correction date
Common Vulnerability Exposure (CVE) ID: CVE-2006-2654|
FreeBSD Security Advisory: FreeBSD-SA-06:16
BugTraq ID: 18202
XForce ISS Database: freebsd-smbfs-directory-traversal(26860)
|Copyright||Copyright (c) 2006 E-Soft Inc. http://www.securityspace.com|
|This is only one of 39212 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.