CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-1999-1498

Malware in sbrugna...

7.2CVSS6.4AI score0.00478EPSS

Exploits1References3

Tenable Nessus•added 2025/03/05 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2022-37705

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program,...

6.7CVSS6.6AI score0.01246EPSS

Exploits2References3

Debian•added 2024/09/07 5:29 p.m.•17 views

[SECURITY] [DLA 3880-1] amanda security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3880-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk September 07, 2024 https://wiki.debian.org/LTS -...

7.8CVSS7AI score0.01246EPSS

Exploits4

BDU FSTEC•added 2024/02/27 12:0 a.m.•3 views

Vulnerability of the runtar.c component. The open-source backup software Advanced Maryland Automatic Network Disk Archiver (Amanda) allows a hacker to gain increased privileges.

The vulnerability of the runtar.c component of the open-source backup software, Advanced Maryland Automatic Network Disk Archiver Amanda, involves the exploitation or modification of arguments. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.1AI score0.00459EPSS

Exploits1References8Affected Software3

Fedora•added 2023/08/05 1:39 a.m.•24 views

[SECURITY] Fedora 38 Update: amanda-3.5.4-3.fc38

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a...

7.8CVSS7AI score0.00459EPSS

Exploits1

OSV•added 2023/03/10 11:5 a.m.•5 views

OESA-2023-1149 amanda security update

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to a single large capacity tape or disk drive. Amanda uses native tools such as GNUtar, dump for backup and ca...

6.7CVSS7.2AI score0.01246EPSS

Exploits3References3

SUSE CVE•added 2023/02/15 3:24 a.m.•3 views

SUSE CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

7.8CVSS6.8AI score0.00526EPSS

Exploits1References4

OSV•added 2023/01/30 12:0 a.m.•3 views

UBUNTU-CVE-2022-37705

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...

6.7CVSS6.8AI score0.01246EPSS

Exploits2References6

CNNVD•added 2022/09/13 12:0 a.m.•4 views

Amanda 路径遍历漏洞

Amanda is an automated network disk archiver organized by the University of Maryland at College Park. Allows IT administrators to set up a single primary backup server to back up multiple hosts to tape drives/converters or disk or optical media over a network. A security vulnerability exists in...

3.3CVSS5.2AI score0.00703EPSS

Exploits0References10

Prion•added 2018/10/24 9:29 p.m.•13 views

Command injection

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root...

7.2CVSS7.7AI score0.01187EPSS

Exploits1References1Affected Software3

Packet Storm•added 2016/01/16 12:0 a.m.•34 views

Amanda 3.3.1 amstar Command Injection

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup solution that allows the IT administrator to set up a single master backup server to back up multiple hosts over network to tape drives/changers or disks or optical media. Amanda uses native utilities and formats e.g. dump...

0.2AI score

Exploits0

exploitpack•added 2016/01/15 12:0 a.m.•28 views

Amanda 3.3.1 - amstar Command Injection Privilege Escalation

Amanda 3.3.1 - amstar Command Injection Privilege Escalation AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup solution that allows the IT administrator to set up a single master backup server to back up multiple hosts over network to tape drives/changers or disks or...

1.8AI score

Exploits0

Packet Storm•added 2016/01/11 12:0 a.m.•43 views

Amanda 3.3.1 Local Root Privilege Escalation

1AI score

Exploits0

0day.today•added 2016/01/11 12:0 a.m.•34 views

Amanda 3.3.1 - Privilege Escalation

Exploit for linux platform in category local exploits / AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup solution that allows the IT administrator to set up a single master backup server to back up multiple hosts over network to tape drives/changers or disks or optical...

6.8AI score

Exploits0

exploitpack•added 2016/01/11 12:0 a.m.•25 views

Amanda 3.3.1 - Local Privilege Escalation

Amanda 3.3.1 - Local Privilege Escalation / AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup solution that allows the IT administrator to set up a single master backup server to back up multiple hosts over network to tape drives/changers or disks or optical media. Amanda...

0.6AI score

Exploits0

Exploit DB•added 2016/01/11 12:0 a.m.•53 views

Amanda 3.3.1 - Local Privilege Escalation

/ AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup solution that allows the IT administrator to set up a single master backup server to back up multiple hosts over network to tape drives/changers or disks or optical media. Amanda uses native utilities and formats e.g. du...

7AI score

Exploits0

OpenVAS•added 2005/11/03 12:0 a.m.•19 views

Amanda client version

This detects the Amanda backup system client version. The client version gives potential attackers additional information about the system they are attacking. SPDX-FileCopyrightText: 2005 Paul J. Ewing Jr. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

6.9AI score

Exploits0

CVE•added 2001/09/12 4:0 a.m.•52 views

CVE-1999-1517

CVE-1999-1517 concerns runtar in the Amanda backup system on UNIX-like OSes. The vulnerable component runs tar with root privileges, enabling a local attacker to overwrite or read arbitrary files by specifying target files to runtar. The CVSS-based notes indicate local access, no authentication, ...

7.2CVSS6.9AI score0.00478EPSS

Exploits1References2Affected Software1

Cvelist•added 2001/09/12 4:0 a.m.•23 views

CVE-1999-1517

runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the target files to runtar...

6.5AI score0.00478EPSS

Exploits1References2

Tenable Nessus•added 2000/07/14 12:0 a.m.•85 views

AMANDA Client Version

The remote host is running an AMANDA backup system client. AMANDA is a backup system that allows a single backup server to backup multiple hosts. This script was written by Paul Ewing See the Nessus Scripts License for details include"compat.inc"; ifdescription scriptid10462; scriptversion "1.22"...

5.5AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by