Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2022-37703

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists...

3.3CVSS5.4AI score0.00703EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/09/07 12:0 a.m.20 views

Debian dla-3880 : amanda-client - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3880 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3880-1 [email protected]...

7.8CVSS6.2AI score0.01246EPSS
Exploits4References10
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.21 views

RHEL 8 : amanda (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - amanda: runtar: crafted arguments can lead to local privilege escalation CVE-2022-37705 - In Amanda 3.5.1...

6.7CVSS8.3AI score0.01246EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.35 views

RHEL 6 : amanda (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - amanda: Improper argument checking for runtar.c CVE-2023-30577 - In Amanda 3.5.1, an information leak...

6.7AI score0.01246EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2023/12/04 12:0 a.m.28 views

Debian: Security Advisory (DLA-3681-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS5.4AI score0.01246EPSS
Exploits3References4
Debian
Debian
added 2023/12/03 9:48 a.m.34 views

[SECURITY] [DLA 3681-1] amanda security update

Debian LTS Advisory DLA-3681-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost December 03, 2023 https://wiki.debian.org/LTS Package : amanda Version : 1:3.5.1-2+deb10u2 CVE ID : CVE-2022-37703 CVE-2022-37705 CVE-2023-30577 Debian Bug : 1021017 1029829 1055253 Multip...

7.8CVSS6.8AI score0.01246EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2023/12/03 12:0 a.m.25 views

Debian dla-3681 : amanda-client - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3681 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3681-1 [email protected]...

7.8CVSS6.5AI score0.01246EPSS
Exploits3References8
Circl
Circl
added 2023/12/01 9:2 a.m.5 views

CVE-2022-37703

creationtimestamp| type| source ---|---|--- 2023-12-01 09:02:55+00:00| seen| https://t.me/arpsyndicate/849...

3.3CVSS4.6AI score0.00703EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/04/03 12:0 a.m.21 views

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : amanda regression (USN-5966-3)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5966-3 advisory. USN-5966-1 fixed vulnerabilities in amanda. Unfortunately that update caused a regression and was reverted in USN-5966-2. This...

6.7CVSS6.1AI score0.01246EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2023/04/03 12:0 a.m.20 views

Fedora: Security Advisory for amanda (FEDORA-2023-e295804b3d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.4AI score0.01246EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2023/04/03 12:0 a.m.28 views

Ubuntu: Security Advisory (USN-5966-3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.4AI score0.01246EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2023/04/02 12:0 a.m.33 views

Fedora 38 : amanda (2023-3d0619d767)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-3d0619d767 advisory. Update to version 3.5.3, which contains fixes for three minor security issues as well as other minor bugfixes...

6.7CVSS6.2AI score0.01246EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2023/03/24 12:0 a.m.26 views

Ubuntu: Security Advisory (USN-5966-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS5.4AI score0.01246EPSS
Exploits3References3
Ubuntu
Ubuntu
added 2023/03/23 6:20 a.m.56 views

USN-5966-1: amanda vulnerabilities

Maher Azzouzi discovered an information disclosure vulnerability in the calcsize binary within amanda. calcsize is a suid binary owned by root that could possibly be used by a malicious local attacker to expose sensitive file system information. CVE-2022-37703 Maher Azzouzi discovered a privilege...

6.7CVSS6.2AI score0.01246EPSS
Exploits3
CVE
CVE
added 2022/09/13 12:0 a.m.96 views

CVE-2022-37703

CVE-2022-37703 affects Amanda 3.5.1 with an information-disclosure in the calcsize SUID binary. The calcsize binary uses opendir() at root without path validation, enabling a local attacker to determine whether a given directory exists anywhere on the filesystem. This is a local privilege-scope i...

3.3CVSS4.8AI score0.00703EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder