storeBackup storeBackup.pl Symlink Arbitrary File Overwrite

2005-08-05T13:46:27
ID OSVDB:19736
Type osvdb
Reporter OSVDB
Modified 2005-08-05T13:46:27

Description

Solution Description

Upgrade to version 1.19 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://directory.fsf.org/sysadmin/backup/storebackup.html Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=352676 Secunia Advisory ID:17025 Secunia Advisory ID:19489 Related OSVDB ID: 19737 Other Advisory URL: http://www.us.debian.org/security/2006/dsa-1022 CVE-2005-3146