NetKit FTP Server ChDir Information Disclosure Vulnerability

BID:21000

Info

NetKit FTP Server ChDir Information Disclosure Vulnerability

Bugtraq ID: 21000
Class: Design Error
CVE: CVE-2006-5778
Remote: No
Local: Yes
Published: Nov 10 2006 12:00AM
Updated: Feb 13 2007 10:27PM
Credit: Paul Szabo is credited with the discovery of this issue.
Vulnerable: Netkit Linux Netkit 0.17
+ Caldera OpenLinux 2.4
+ Caldera OpenLinux 2.3
+ Debian Linux 3.0 sparc
+ Debian Linux 3.0 s/390
+ Debian Linux 3.0 ppc
+ Debian Linux 3.0 mipsel
+ Debian Linux 3.0 mips
+ Debian Linux 3.0 m68k
+ Debian Linux 3.0 ia-64
+ Debian Linux 3.0 ia-32
+ Debian Linux 3.0 hppa
+ Debian Linux 3.0 arm
+ Debian Linux 3.0 alpha
+ Debian Linux 3.0
+ Gentoo Linux
+ Redhat Desktop 4.0
+ Redhat Desktop 3.0
+ Redhat Enterprise Linux AS 4
+ Redhat Enterprise Linux AS 3
+ Redhat Enterprise Linux AS 2.1 IA64
+ Redhat Enterprise Linux AS 2.1
+ Redhat Enterprise Linux ES 4
+ Redhat Enterprise Linux ES 3
+ Redhat Enterprise Linux ES 2.1 IA64
+ Redhat Enterprise Linux ES 2.1
+ Redhat Enterprise Linux WS 4
+ Redhat Enterprise Linux WS 3
+ Redhat Enterprise Linux WS 2.1 IA64
+ Redhat Enterprise Linux WS 2.1
+ Redhat Linux 7.1 i386
+ Redhat Linux 7.1 alpha
+ Redhat Linux 7.1
+ Redhat Linux 7.0 sparc
+ Redhat Linux 7.0 i386
+ Redhat Linux 7.0 alpha
+ Redhat Linux 7.0
+ SCO eDesktop 2.4
+ SCO eServer 2.3.1
+ Sun Solaris 9_x86 Update 2
+ Sun Solaris 9_x86
+ Sun Solaris 9
+ Sun Solaris 8_x86
+ Sun Solaris 8_sparc
+ Sun Solaris 7.0_x86
+ Sun Solaris 7.0
+ Sun Solaris 10
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Netkit Linux Netkit 0.16
+ Debian Linux 2.2 sparc
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 68k
+ Debian Linux 2.2
+ Redhat Linux 6.2 sparc
+ Redhat Linux 6.2 i386
+ Redhat Linux 6.2 alpha
+ Redhat Linux 6.2
Netkit Linux Netkit 0.15
Netkit Linux Netkit 0.14
Netkit Linux Netkit 0.12
Netkit Linux Netkit 0.11
Netkit Linux Netkit 0.10
+ Redhat Linux 5.2 sparc
+ Redhat Linux 5.2 i386
+ Redhat Linux 5.2 alpha
+ Redhat Linux 5.2
Netkit Linux Netkit 0.9
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Not Vulnerable:

Discussion

NetKit FTP Server ChDir Information Disclosure Vulnerability

Netkit FTP Server ('ftpd') is prone to an information-disclosure vulnerability due to a design error.

A local attacker could exploit this issue to bypass access restrictions and gain access to the root directory of the FTP server. Directory information gained may aid in further attacks.

Netkit FTP Server 0.17 and prior versions are affected.

Exploit / POC

NetKit FTP Server ChDir Information Disclosure Vulnerability

A local attacker can exploit this issue by creating a home directory in such a way that it is inaccessible to the affected application.

Solution / Fix

NetKit FTP Server ChDir Information Disclosure Vulnerability

Solution:
Please see the referenced advisories for more information.


Netkit Linux Netkit 0.17

References

NetKit FTP Server ChDir Information Disclosure Vulnerability

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report