Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1249-1
HistoryOct 27, 2011 - 12:00 a.m.

BackupPC vulnerabilities

2011-10-2700:00:00
ubuntu.com
40

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.005

Percentile

76.0%

JSON

Releases

  • Ubuntu 11.10
  • Ubuntu 11.04
  • Ubuntu 10.10
  • Ubuntu 10.04
  • Ubuntu 8.04

Packages

  • backuppc - high-performance, enterprise-grade system for backing up PCs

Details

It was discovered that BackupPC did not properly sanitize its input when
processing backup browser error messages, resulting in a cross-site
scripting (XSS) vulnerability. With cross-site scripting vulnerabilities,
if a user were tricked into viewing server output during a crafted server
request, a remote attacker could exploit this to modify the contents, or
steal confidential data, within the same domain. This issue did not affect
Ubuntu 11.10. (CVE-2011-3361)

Jamie Strandboge discovered that BackupPC did not properly sanitize its
input when processing log file viewer error messages, resulting in
cross-site scripting (XSS) vulnerabilities.

OSVersionArchitecturePackageVersionFilename
Ubuntu8.04noarchbackuppc< 3.0.0-4ubuntu1.3UNKNOWN
Ubuntu11.10noarchbackuppc< 3.2.1-1ubuntu1.1UNKNOWN
Ubuntu11.04noarchbackuppc< 3.2.0-3ubuntu4.2UNKNOWN
Ubuntu10.10noarchbackuppc< 3.1.0-9ubuntu2.2UNKNOWN
Ubuntu10.04noarchbackuppc< 3.1.0-9ubuntu1.2UNKNOWN

Related

prion 2
debiancve 2
openvas 7
nessus 3
cve 2
fedora 2
ubuntucve 2
cvelist 2
nvd 2
prion
prion
Cross site scripting
2012-02-18 00:55:00
Cross site scripting
2012-02-18 00:55:00
debiancve
debiancve
CVE-2011-3361
2012-02-18 00:55:02
CVE-2011-4923
2012-02-18 00:55:02
openvas
openvas
Fedora Update for BackupPC FEDORA-2012-0826
2012-02-03 00:00:00
Fedora Update for BackupPC FEDORA-2012-0825
2012-04-02 00:00:00
Fedora Update for BackupPC FEDORA-2012-0826
2012-02-03 00:00:00
nessus
nessus
Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : backuppc vulnerabilites (USN-1249-1)
2011-10-28 00:00:00
Fedora 16 : BackupPC-3.2.1-7.fc16 (2012-0825)
2012-02-02 00:00:00
Fedora 15 : BackupPC-3.2.1-7.fc15 (2012-0826)
2012-02-02 00:00:00
cve
cve
CVE-2011-3361
2012-02-18 00:55:02
CVE-2011-4923
2012-02-18 00:55:02
fedora
fedora
[SECURITY] Fedora 16 Update: BackupPC-3.2.1-7.fc16
2012-02-01 19:29:35
[SECURITY] Fedora 15 Update: BackupPC-3.2.1-7.fc15
2012-02-01 19:22:06
ubuntucve
ubuntucve
CVE-2011-3361
2011-10-03 00:00:00
CVE-2011-4923
2012-02-18 00:00:00
cvelist
cvelist
CVE-2011-3361
2012-02-18 00:00:00
CVE-2011-4923
2012-02-18 00:00:00
nvd
nvd
CVE-2011-3361
2012-02-18 00:55:02
CVE-2011-4923
2012-02-18 00:55:02

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.5

Confidence

High

EPSS

0.005

Percentile

76.0%

JSON
Related for USN-1249-1
prion2debiancve2openvas7nessus3cve2fedora2ubuntucve2cvelist2nvd2