Lucene search

[email protected]CVE-2005-3111

HistorySep 30, 2005 - 10:05 a.m.

CVE-2005-3111

2005-09-3010:05:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

backupninja

vulnerability

symlink attack

nvd

6.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

The handler code for backupninja 0.8 and earlier creates temporary files with predictable filenames, which allows local users to modify arbitrary files via a symlink attack.

CPENameOperatorVersion
debian:backupninjadebian backupninjale0.8

CPE	Name	Operator	Version
debian:backupninja	debian backupninja	le	0.8

References

secunia.com/advisories/16995/

secunia.com/advisories/17018

www.debian.org/security/2005/dsa-827

www.securityfocus.com/bid/14978

exchange.xforce.ibmcloud.com/vulnerabilities/22461

6.7 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2005-3111

ubuntucve1 openvas2 nessus1 debiancve1