Lucene search
+L

211 matches found

Prion
Prion
added 2023/07/26 5:15 p.m.28 views

Code injection

AMANDA Advanced Maryland Automatic Network Disk Archiver before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705...

4.3CVSS6.4AI score0.01246EPSS
Exploits3References5Affected Software1
OSV
OSV
added 2023/07/26 5:15 p.m.5 views

UBUNTU-CVE-2023-30577

AMANDA Advanced Maryland Automatic Network Disk Archiver before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705...

7.8CVSS7.1AI score0.00459EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/07/26 12:0 a.m.4 views

Amanda 参数注入漏洞

Amanda is an automated network disk archiver organized by the University of Maryland at College Park. Allows IT administrators to set up a single primary backup server to back up multiple hosts to tape drives/converters or disks or optical media over a network. A security vulnerability exists in...

7.8CVSS7.1AI score0.00459EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2023/07/26 12:0 a.m.37 views

CVE-2023-30577

AMANDA Advanced Maryland Automatic Network Disk Archiver before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705...

6.8AI score0.00459EPSS
Exploits1References5
CVE
CVE
added 2023/07/26 12:0 a.m.134 views

CVE-2023-30577

AMANDA (backup system) is affected by CVE-2023-30577: the SUID binary runtar mishandles arguments, allowing certain GNU tar options (e.g., starting with --exclude) to be accepted and potentially cause root-level execution. This is a local privilege-escalation path tied to runtar’s argument handli...

7.8CVSS6.7AI score0.00459EPSS
Exploits1References6Affected Software1
UbuntuCve
UbuntuCve
added 2023/07/26 12:0 a.m.52 views

CVE-2023-30577

AMANDA Advanced Maryland Automatic Network Disk Archiver before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705...

7.8CVSS7AI score0.00459EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2023/07/26 12:0 a.m.29 views

CVE-2023-30577

AMANDA Advanced Maryland Automatic Network Disk Archiver before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705...

7.8CVSS7.3AI score0.00459EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2023/07/26 12:0 a.m.8 views

PT-2023-8692 · Amanda +2 · Amanda +2

Name of the Vulnerable Software and Affected Versions: AMANDA versions prior to 3.5.4 Description: The issue is related to the mishandling of argument checking for runtar.c in the AMANDA software, which can be exploited to elevate privileges. This is a different issue than previously reported...

7.8CVSS6.8AI score0.01246EPSS
Exploits4References39
Cvelist
Cvelist
added 2023/07/26 12:0 a.m.28 views

CVE-2023-30577

AMANDA Advanced Maryland Automatic Network Disk Archiver before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705...

7.2AI score0.00459EPSS
Exploits1References5
OSV
OSV
added 2023/07/26 12:0 a.m.29 views

CVE-2023-30577

AMANDA Advanced Maryland Automatic Network Disk Archiver before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705...

7.8CVSS7.2AI score0.00459EPSS
Exploits1References8
NVD
NVD
added 2023/04/16 1:15 a.m.19 views

CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

6.7CVSS6.8AI score0.00526EPSS
Exploits1References12
OSV
OSV
added 2023/04/16 1:15 a.m.4 views

DEBIAN-CVE-2022-37705

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...

6.7CVSS6.7AI score0.01246EPSS
Exploits2References1
NVD
NVD
added 2023/04/16 1:15 a.m.23 views

CVE-2022-37705

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...

6.7CVSS7AI score0.01246EPSS
Exploits2References13
OSV
OSV
added 2023/04/16 1:15 a.m.1 views

DEBIAN-CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

6.7CVSS6.4AI score0.00526EPSS
Exploits1References1
Prion
Prion
added 2023/04/16 1:15 a.m.16 views

Information disclosure

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

4CVSS6.5AI score0.00526EPSS
Exploits1References11Affected Software1
Prion
Prion
added 2023/04/16 1:15 a.m.19 views

Privilege escalation

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...

4CVSS6.5AI score0.01246EPSS
Exploits2References12Affected Software1
Cvelist
Cvelist
added 2023/04/16 12:0 a.m.42 views

CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

6.9AI score0.00526EPSS
Exploits1References11
Vulnrichment
Vulnrichment
added 2023/04/16 12:0 a.m.5 views

CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

6.8AI score0.00526EPSS
Exploits1References11
CVE
CVE
added 2023/04/16 12:0 a.m.139 views

CVE-2022-37704

Summary of CVE-2022-37704 : Amanda 3.5.1 contains a privilege escalation in the SUID binary /lib/amanda/rundump, which can cause root execution of /usr/sbin/dump with attacker-controlled arguments. This can enable local privilege escalation, and may also lead to denial of service and information ...

6.7CVSS6.5AI score0.00526EPSS
Exploits1References12Affected Software1
OSV
OSV
added 2023/04/16 12:0 a.m.20 views

CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

6.7CVSS7AI score0.00526EPSS
Exploits1References14
Rows per page
Query Builder