EUVD-2023-34958

Malicious code in bioql PyPI...

EUVD-2022-40318

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-37704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as roo...

USN-6614-1 amanda vulnerability

It was discovered that amanda did not properly check certain arguments. A local unprivileged attacker could possibly use this issue to perform a privilege escalation attack...

Security update for amanda (moderate)

openSUSE Security Update: Security update for amanda Announcement ID: openSUSE-SU-2023:0206-1 Rating: moderate References: 1213701 Cross-References: CVE-2023-30577 CVSS scores: CVE-2023-30577 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP4 A...

CVE-2022-37705

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...

CVE-2022-37705

A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the...

SUSE CVE-2016-10730

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing t...

PT-2022-24043 · Amanda +2 · Amanda +2

Name of the Vulnerable Software and Affected Versions: Amanda version 3.5.1 Description: An information leak issue was discovered in the calcsize SUID binary, allowing an attacker to determine if a directory exists anywhere in the file system. The binary uses the opendir function as root without...

CVE-2016-10730

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing t...

UBUNTU-CVE-2016-10729

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root...

CVE-2002-0901

Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver AMANDA 2.3.0.4 allow 1 remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs 2 amcheck, 3...

CVE-2002-0901

Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver AMANDA 2.3.0.4 allow 1 remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs 2 amcheck, 3...