31 matches found
EUVD-2017-16577
Malware in sbrugna...
EUVD-2017-7851
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2017-16667
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of...
SUSE CVE-2017-7572
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...
SUSE CVE-2017-16667
backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...
GLSA-201801-06 : Back In Time: Command injection
The remote host is affected by the vulnerability described in GLSA-201801-06 Back In Time: Command injection Back in Time did improper escaping/quoting of file paths used as arguments to the notify-send command leading to some parts of file paths being executed as shell commands within an os.syst...
MGASA-2018-0059 Updated backintime packages fix security vulnerability
backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...
CVE-2017-16667
backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...
UBUNTU-CVE-2017-16667
backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...
DEBIAN-CVE-2017-16667
backintime aka Back in Time before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to some parts of file paths being executed as shell commands within an os.system call in qt4/plugins/notifyplugin.py. This could allow an attacker to craft...
[SECURITY] Fedora 25 Update: backintime-1.1.20-1.fc25
Back In Time is a simple backup system for Linux inspired from flyback project and TimeVault. The backup is done by taking snapshots of a specified set of directories...
Back In Time competitive conditions loophole
Back In Time aka backintime is a suite of Linux backup tools. A competitive condition vulnerability exists in the 'checkPolkitPrivilege' function of the serviceHelper.py file in Back In Time 1.1.18 and earlier versions. An attacker can exploit this vulnerability to replace the user's request...
[SECURITY] Fedora 26 Update: backintime-1.1.20-1.fc26
Back In Time is a simple backup system for Linux inspired from flyback project and TimeVault. The backup is done by taking snapshots of a specified set of directories...
Race condition
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...
CVE-2017-7572
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...
CVE-2017-7572
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...
DEBIAN-CVE-2017-7572
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...
UBUNTU-CVE-2017-7572
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...
CVE-2017-7572
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...
CVE-2017-7572
The checkPolkitPrivilege function in serviceHelper.py in Back In Time aka backintime 1.1.18 and earlier uses a deprecated polkit authorization method unix-process that is subject to a race condition time of check, time of use. With this authorization method, the owner of a process requesting a...