12 matches found
CVE-2020-7040
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fi...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : StoreBackup vulnerability (USN-4508-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-4508-1 advisory. It was discovered that StoreBackup did not properly manage lock files. A local attacker could use this issue to cause a denial of service ...
Ubuntu: Security Advisory (USN-4508-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4508-1: StoreBackup vulnerability
It was discovered that StoreBackup did not properly manage lock files. A local attacker could use this issue to cause a denial of service or escalate privileges and run arbitrary code. CVE-2020-7040...
openSUSE Security Update : storeBackup (openSUSE-2020-119)
This update for storeBackup fixes the following issues : - CVE-2020-7040: Fixed a symlink attack which could lead to denial of service boo1156767. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2020-119...
openSUSE: Security Advisory for storeBackup (openSUSE-SU-2020:0119_1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0119-1 Security update for storeBackup
This update for storeBackup fixes the following issues: - CVE-2020-7040: Fixed a symlink attack which could lead to denial of service boo1156767...
Security update for storeBackup (moderate)
openSUSE Security Update: Security update for storeBackup Announcement ID: openSUSE-SU-2020:0119-1 Rating: moderate References: 1156767 Cross-References: CVE-2020-7040 Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that fixes one...
CVE-2020-7040
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fi...
CVE-2020-7040
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fi...
CVE-2020-7040
CVE-2020-7040 affects the StoreBackup tool (storeBackup.pl) up to version 3.5, where it relies on the /tmp/storeBackup.lock path. This allows local attackers to perform a symlink attack or create a plain file named /tmp/storeBackup.lock to block usage, potentially leading to privilege escalation ...
CVE-2020-7040
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that fi...