Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2016-10730

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API scrip...

7.8CVSS7.3AI score0.00558EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.14 views

RHEL 7 : amanda (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - amanda: Privilege escalation in amstar and amgtar via --tar-path option CVE-2016-10730 Note that Nessus has not...

7.8CVSS7.6AI score0.00558EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/08/23 12:0 a.m.34 views

Amazon Linux 2 : amanda (ALAS-2023-2218)

The version of amanda installed on the remote host is prior to 3.3.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2218 advisory. An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The...

7.8CVSS7AI score0.01246EPSS
Exploits4References8
Amazon
Amazon
added 2023/08/21 12:0 a.m.37 views

Medium: amanda

Issue Overview: An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injecti...

7.8CVSS7.9AI score0.01246EPSS
Exploits4
OSV
OSV
added 2018/10/24 9:29 p.m.12 views

CVE-2016-10730

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing t...

7.8CVSS7.6AI score
Exploits0References1
CVE
CVE
added 2018/10/24 9:0 p.m.70 views

CVE-2016-10730

CVE-2016-10730 affects Amanda 3.3.1. The Amstar component can be invoked in a way that leads to privilege escalation via the --star-path handling, with runtar and other components running setuid/root—allowing a backup-privileged user to compromise a client installation (local, root-level impact)....

7.8CVSS7.5AI score0.00558EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder