SUSE CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use opendir as root directly without checking the path, letting the attacker provide an...

DEBIAN-CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use opendir as root directly without checking the path, letting the attacker provide an...

PT-2022-24043 · Amanda +2 · Amanda +2

Name of the Vulnerable Software and Affected Versions: Amanda version 3.5.1 Description: An information leak issue was discovered in the calcsize SUID binary, allowing an attacker to determine if a directory exists anywhere in the file system. The binary uses the opendir function as root without...

Amanda 路径遍历漏洞

Amanda is an automated network disk archiver organized by the University of Maryland at College Park. Allows IT administrators to set up a single primary backup server to back up multiple hosts to tape drives/converters or disk or optical media over a network. A security vulnerability exists in...