Описание
The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| bacula | fixed | 5.2.6+dfsg-4 | package | |
| bacula | fixed | 5.2.6+dfsg-2.1 | wheezy | package |
Примечания
http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905
EPSS
Связанные уязвимости
The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors.
The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors.
The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors.
The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors.
EPSS