Arbitrary Code Execution

2020-08-0621:36:36

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.002

Percentile

59.4%

JSON

Bareos is vulnerable to arbitrary code execution. A heap overflow allows a malicious client to corrupt the director’s memory via oversized digest strings sent during initialization of a verify job.

References

bugs.bareos.org/view.php?id=1210

github.com/bareos/bareos/security/advisories/GHSA-mm45-cg35-54j4

lists.debian.org/debian-lts-announce/2020/08/msg00051.html

EPSS

0.002

Percentile

59.4%

JSON

Related for VERACODE:26215