CVE-2006-5778

EPSS 0.07%

linux-ftpd

Published: 11/7/2006Modified: 3/9/2026

Also known as:DSA-1217-1DEBIAN-CVE-2006-5778

Description

ftpd in linux-ftpd 0.17, and possibly other versions, performs a chdir before setting the UID, which allows local users to bypass intended access restrictions by redirecting their home directory to a restricted directory.

Affected packages (3)

Debian/linux-ftpdfrom 0, < 0.17-23
Debian/linux-ftpdfrom 0, < 0.17-20sarge2
Debian/linux-ftpdfrom 0, < 0.17-20sarge2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2006-5778