Lucene search
+L

24 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2023-30577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AMANDA Advanced Maryland Automatic Network Disk Archiver before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than...

7.8CVSS6.7AI score0.00459EPSS
Exploits1References3
nessus
nessus
added 2024/09/07 12:0 a.m.20 views

Debian dla-3880 : amanda-client - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3880 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3880-1 [email protected]...

7.8CVSS6.2AI score0.01246EPSS
Exploits4References10
nessus
nessus
added 2024/05/11 12:0 a.m.35 views

RHEL 6 : amanda (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - amanda: Improper argument checking for runtar.c CVE-2023-30577 - In Amanda 3.5.1, an information leak...

6.7AI score0.01246EPSS
Exploits4References4
openvas
openvas
added 2024/03/04 12:0 a.m.17 views

openSUSE: Security Advisory for amanda (openSUSE-SU-2023:0206-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.00459EPSS
Exploits1References2
nessus
nessus
added 2024/01/30 12:0 a.m.25 views

Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 : amanda vulnerability (USN-6614-1)

The remote Ubuntu 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6614-1 advisory. It was discovered that amanda did not properly check certain arguments. A local unprivileged attacker could possibly use this issu...

7.8CVSS7.4AI score0.00459EPSS
Exploits1References2
nessus
nessus
added 2024/01/16 12:0 a.m.35 views

EulerOS 2.0 SP8 : amanda (EulerOS-SA-2023-3112)

According to the versions of the amanda packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - AMANDA Advanced Maryland Automatic Network Disk Archiver before tag-community-3.5.4 mishandles argument checking for runtar.c, a different...

7.8CVSS6.9AI score0.01246EPSS
Exploits3References2
openvas
openvas
added 2023/12/04 12:0 a.m.28 views

Debian: Security Advisory (DLA-3681-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS5.4AI score0.01246EPSS
Exploits3References4
debian
debian
added 2023/12/03 9:48 a.m.34 views

[SECURITY] [DLA 3681-1] amanda security update

Debian LTS Advisory DLA-3681-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost December 03, 2023 https://wiki.debian.org/LTS Package : amanda Version : 1:3.5.1-2+deb10u2 CVE ID : CVE-2022-37703 CVE-2022-37705 CVE-2023-30577 Debian Bug : 1021017 1029829 1055253 Multip...

7.8CVSS6.8AI score0.01246EPSS
Exploits3
nessus
nessus
added 2023/12/03 12:0 a.m.25 views

Debian dla-3681 : amanda-client - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3681 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3681-1 [email protected]...

7.8CVSS6.5AI score0.01246EPSS
Exploits3References8
nessus
nessus
added 2023/08/23 12:0 a.m.27 views

Amazon Linux AMI : amanda (ALAS-2023-1808)

The version of amanda installed on the remote host is prior to 2.6.1p2-8.14. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1808 advisory. An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation...

7.8CVSS7AI score0.01246EPSS
Exploits4References6
nessus
nessus
added 2023/08/23 12:0 a.m.35 views

Amazon Linux 2 : amanda (ALAS-2023-2218)

The version of amanda installed on the remote host is prior to 3.3.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2218 advisory. An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The...

7.8CVSS7AI score0.01246EPSS
Exploits4References8
osv
osv
added 2023/08/18 11:5 a.m.6 views

OESA-2023-1507 amanda security update

AMANDA, the Advanced Maryland Automatic Network Disk Archiver, is a backup system that allows the administrator of a LAN to set up a single master backup server to back up multiple hosts to a single large capacity tape or disk drive. Amanda uses native tools such as GNUtar, dump for backup and ca...

7.8CVSS7.1AI score0.00459EPSS
Exploits1References2
osv
osv
added 2023/08/17 6:13 p.m.11 views

CLSA-2023-1692295986 Fix CVE(s): CVE-2023-30577, CVE-2022-37705

SECURITY UPDATE: privilege escalation through runtar SUID program - debian/patches/CVE-2022-37705.patch: filter tar options - CVE-2022-37705 SECURITY UPDATE: privilege escalation through runtar SUID program - debian/patches/CVE-2023-30577.patch: introduce tar option allow list - CVE-2023-30577...

7.8CVSS6.9AI score0.01246EPSS
Exploits3References1
cloudlinux
cloudlinux
added 2023/08/17 5:24 p.m.33 views

amanda: Fix of 2 CVEs

CVE-2022-37705: fix tar option filtering - CVE-2023-30577: introduce tar option allow list...

7.8CVSS7.1AI score0.01246EPSS
Exploits3
nessus
nessus
added 2023/08/05 12:0 a.m.19 views

Fedora 38 : amanda (2023-4db1d56125)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-4db1d56125 advisory. Update to new upstream version 3.5.4. This brings a fix for a security issue, CVE-2023-30577. This update also fixes the manual pages. Tenable has extracted...

7.8CVSS7.3AI score0.00459EPSS
Exploits1References2
nessus
nessus
added 2023/08/05 12:0 a.m.29 views

openSUSE 15 Security Update : amanda (openSUSE-SU-2023:0205-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0205-1 advisory. - AMANDA Advanced Maryland Automatic Network Disk Archiver before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerabilit...

7.8CVSS6.8AI score0.01246EPSS
Exploits3References4
osv
osv
added 2023/08/04 6:1 p.m.6 views

OPENSUSE-SU-2023:0206-1 Security update for amanda

This update for amanda fixes the following issues: - CVE-2023-30577: Fixed improper argument checking for runtar.c boo1213701,...

7.8CVSS7.6AI score0.00459EPSS
Exploits1References3
osv
osv
added 2023/08/04 6:1 p.m.6 views

OPENSUSE-SU-2023:0205-1 Security update for amanda

This update for amanda fixes the following issues: - CVE-2023-30577: Fixed improper argument checking for runtar.c boo1213701...

7.8CVSS7.6AI score0.00459EPSS
Exploits1References3
opensuse
opensuse
added 2023/08/04 12:0 a.m.6 views

Security update for amanda (moderate)

openSUSE Security Update: Security update for amanda Announcement ID: openSUSE-SU-2023:0206-1 Rating: moderate References: 1213701 Cross-References: CVE-2023-30577 CVSS scores: CVE-2023-30577 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP4 A...

7.8CVSS7.2AI score0.00459EPSS
Exploits1References1
opensuse
opensuse
added 2023/08/04 12:0 a.m.3 views

Security update for amanda (moderate)

openSUSE Security Update: Security update for amanda Announcement ID: openSUSE-SU-2023:0205-1 Rating: moderate References: 1213701 Cross-References: CVE-2023-30577 CVSS scores: CVE-2023-30577 NVD : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP5 A...

7.8CVSS7.2AI score0.00459EPSS
Exploits1References1
Rows per page
Query Builder