Описание
Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:3.5.1-1ubuntu0.3 |
| devel | released | 1:3.5.1-11 |
| esm-apps/bionic | released | 1:3.5.1-1ubuntu0.3 |
| esm-apps/focal | released | 1:3.5.1-2ubuntu0.3 |
| esm-apps/jammy | released | 1:3.5.1-8ubuntu1.3 |
| esm-apps/xenial | ignored | regressions likely |
| focal | released | 1:3.5.1-2ubuntu0.3 |
| jammy | released | 1:3.5.1-8ubuntu1.3 |
| kinetic | released | 1:3.5.1-9ubuntu0.3 |
| lunar | released | 1:3.5.1-11 |
Показывать по
EPSS
6.7 Medium
CVSS3
Связанные уязвимости
Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure.
Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure.
Amanda 3.5.1 allows privilege escalation from the regular user backup ...
Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure.
EPSS
6.7 Medium
CVSS3