CVE-2006-2654

Name of the Vulnerable Software and Affected Versions FreeBSD versions 4.10 through 6.1

Description A directory traversal issue exists, allowing local users to bypass chroot restrictions on an SMB-mounted filesystem by utilizing ".." sequences. This issue is similar to another known problem but affects a different implementation.

Recommendations For FreeBSD versions 4.10 through 6.1, consider restricting access to the SMB-mounted filesystem to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the ".." sequence in the SMB-mounted filesystem.