Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:47 p.m.5 views

CVE-2020-7040

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fi...

9.3CVSS6.8AI score0.02868EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/09/17 12:0 a.m.32 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : StoreBackup vulnerability (USN-4508-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4508-1 advisory. It was discovered that StoreBackup did not properly manage lock files. A local attacker could use this issue to cause a denial of service ...

9.3CVSS7.8AI score0.02868EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/09/17 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-4508-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS8.2AI score0.02868EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2020/09/16 7:33 p.m.59 views

USN-4508-1: StoreBackup vulnerability

It was discovered that StoreBackup did not properly manage lock files. A local attacker could use this issue to cause a denial of service or escalate privileges and run arbitrary code. CVE-2020-7040...

9.3CVSS7.8AI score0.02868EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/01/30 12:0 a.m.25 views

openSUSE Security Update : storeBackup (openSUSE-2020-119)

This update for storeBackup fixes the following issues : - CVE-2020-7040: Fixed a symlink attack which could lead to denial of service boo1156767. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2020-119...

9.3CVSS7.5AI score0.02868EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/29 12:0 a.m.25 views

openSUSE: Security Advisory for storeBackup (openSUSE-SU-2020:0119_1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.3CVSS8.1AI score0.02868EPSS
Exploits0References2
OSV
OSV
added 2020/01/28 1:11 p.m.6 views

OPENSUSE-SU-2020:0119-1 Security update for storeBackup

This update for storeBackup fixes the following issues: - CVE-2020-7040: Fixed a symlink attack which could lead to denial of service boo1156767...

9.3CVSS7.8AI score0.02868EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2020/01/28 12:0 a.m.56 views

Security update for storeBackup (moderate)

openSUSE Security Update: Security update for storeBackup Announcement ID: openSUSE-SU-2020:0119-1 Rating: moderate References: 1156767 Cross-References: CVE-2020-7040 Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that fixes one...

9.3CVSS7.8AI score0.02868EPSS
Exploits0References1
OSV
OSV
added 2020/01/21 9:15 p.m.10 views

CVE-2020-7040

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fi...

8.1CVSS8AI score0.02868EPSS
Exploits0References10
Cvelist
Cvelist
added 2020/01/21 8:3 p.m.21 views

CVE-2020-7040

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fi...

7.9AI score0.02868EPSS
Exploits0References10
CVE
CVE
added 2020/01/21 8:3 p.m.182 views

CVE-2020-7040

CVE-2020-7040 affects the StoreBackup tool (storeBackup.pl) up to version 3.5, where it relies on the /tmp/storeBackup.lock path. This allows local attackers to perform a symlink attack or create a plain file named /tmp/storeBackup.lock to block usage, potentially leading to privilege escalation ...

9.3CVSS7.8AI score0.02868EPSS
Exploits0References10Affected Software1
Debian CVE
Debian CVE
added 2020/01/21 8:3 p.m.38 views

CVE-2020-7040

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fi...

9.3CVSS8AI score0.02868EPSS
Exploits0
Rows per page
Query Builder