Lucene search
K

211 matches found

Debian CVE
Debian CVE
added 2023/04/16 12:0 a.m.61 views

CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure...

6.7CVSS6.4AI score0.00526EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2023/04/16 12:0 a.m.17 views

CVE-2022-37705

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...

7.3AI score0.01246EPSS
Exploits2References12
OSV
OSV
added 2023/04/16 12:0 a.m.25 views

CVE-2022-37705

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...

6.7CVSS6.9AI score0.01246EPSS
Exploits2References15
CVE
CVE
added 2023/04/16 12:0 a.m.124 views

CVE-2022-37705

CVE-2022-37705 affects Amanda 3.5.1. The runtar SUID wrapper to tar mishandles arguments, enabling a backup user to escalate to root. Public notes in Debian LTS advisories confirm a fix in amanda packages (e.g., Debian 11 1:3.5.1-7+deb11u1) and CloudLinux/LT advisory references indicate tar optio...

6.7CVSS6.8AI score0.01246EPSS
Exploits2References13Affected Software1
Debian CVE
Debian CVE
added 2023/04/16 12:0 a.m.48 views

CVE-2022-37705

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...

6.7CVSS6.7AI score0.01246EPSS
Exploits2
Cvelist
Cvelist
added 2023/04/16 12:0 a.m.32 views

CVE-2022-37705

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...

7.1AI score0.01246EPSS
Exploits2References12
OSV
OSV
added 2023/04/03 2:46 a.m.4 views

USN-5966-3 amanda regression

USN-5966-1 fixed vulnerabilities in amanda. Unfortunately that update caused a regression and was reverted in USN-5966-2. This update provides security fixes for Ubuntu 22.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. We apologize for the inconvenience. Original advisory details:...

6.7CVSS6.6AI score0.01246EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2023/04/03 12:0 a.m.21 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : amanda regression (USN-5966-3)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5966-3 advisory. USN-5966-1 fixed vulnerabilities in amanda. Unfortunately that update caused a regression and was reverted in USN-5966-2. This...

6.7CVSS6.1AI score0.01246EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2023/04/03 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-5966-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.4AI score0.01246EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2023/04/03 12:0 a.m.18 views

Fedora: Security Advisory for amanda (FEDORA-2023-1293196f34)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.4AI score0.01246EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2023/04/03 12:0 a.m.20 views

Fedora: Security Advisory for amanda (FEDORA-2023-e295804b3d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.4AI score0.01246EPSS
Exploits3References2
Fedora
Fedora
added 2023/04/02 2:1 a.m.29 views

[SECURITY] Fedora 37 Update: amanda-3.5.3-1.fc37

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a...

8.8CVSS6.1AI score0.01246EPSS
Exploits4
Fedora
Fedora
added 2023/04/02 1:34 a.m.27 views

[SECURITY] Fedora 36 Update: amanda-3.5.3-1.fc36

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a...

8.8CVSS6.1AI score0.01246EPSS
Exploits4
Fedora
Fedora
added 2023/04/02 12:17 a.m.29 views

[SECURITY] Fedora 38 Update: amanda-3.5.3-1.fc38

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to one or more tape drives or disk files. AMANDA uses native dump and/or GNU tar facilities and can back up a...

8.8CVSS6.1AI score0.01246EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2023/04/02 12:0 a.m.33 views

Fedora 38 : amanda (2023-3d0619d767)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3d0619d767 advisory. Update to version 3.5.3, which contains fixes for three minor security issues as well as other minor bugfixes...

6.7CVSS6.2AI score0.01246EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2023/04/02 12:0 a.m.25 views

Fedora 36 : amanda (2023-1293196f34)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-1293196f34 advisory. Update to version 3.5.3, which contains fixes for three minor security issues as well as other minor bugfixes...

6.7CVSS6.2AI score0.01246EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2023/04/02 12:0 a.m.18 views

Fedora: Security Advisory for amanda (FEDORA-2023-3d0619d767)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.4AI score0.01246EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2023/04/02 12:0 a.m.20 views

Fedora 37 : amanda (2023-e295804b3d)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e295804b3d advisory. Update to version 3.5.3, which contains fixes for three minor security issues as well as other minor bugfixes...

6.7CVSS6.2AI score0.01246EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2023/03/24 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-5966-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.4AI score0.01246EPSS
Exploits3References3
Ubuntu
Ubuntu
added 2023/03/23 2:28 p.m.65 views

USN-5966-2: amanda regression

USN-5966-1 fixed vulnerabilities in amanda. Unfortunately it introduced a regression in GNUTAR-based backups. This update reverts all of the changes in amanda until a better fix is provided. We apologize for the inconvenience. Original advisory details: Maher Azzouzi discovered an information...

6.2AI score
Exploits0References1
Rows per page
Query Builder