Lucene search
GoogleOSV:DSA-1022-1HistoryApr 04, 2006 - 12:00 a.m.
storebackup - several
2006-04-0400:00:00
Google
osv.dev
5
0.001 Low
EPSS
Percentile
30.4%
Several vulnerabilities have been discovered in the backup utility
storebackup. The Common Vulnerabilities and Exposures project identifies
the following problems:
- CVE-2005-3146
Storebackup creates a temporary file predictably, which can be
exploited to overwrite arbitrary files on the system with a symlink
attack. - CVE-2005-3147
The backup root directory wasn’t created with fixed permissions, which may lead to
inproper permissions if the umask is too lax. - CVE-2005-3148
The user and group rights of symlinks are set incorrectly when making
or restoring a backup, which may leak sensitive data.
The old stable distribution (woody) doesn’t contain storebackup packages.
For the stable distribution (sarge) these problems have been fixed in
version 1.18.4-2sarge1.
For the unstable distribution (sid) these problems have been fixed in
version 1.19-2.
We recommend that you upgrade your storebackup package.
| CPE | Name | Operator | Version |
|---|---|---|---|
| storebackup | eq | 1.18.4-2 |
References
Related
debian
debian
[SECURITY] [DSA 1022-1] New storebackup packages fix several vulnerabilities
2006-04-03 23:36:45
openvas
openvas
Debian: Security Advisory (DSA-1022-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1022-1 (storebackup)
2008-01-17 00:00:00
nessus
nessus
Debian DSA-1022-1 : storebackup - several vulnerabilities
2006-10-14 00:00:00
cvelist
cvelist
nvd
nvd
ubuntucve
ubuntucve
cve
cve
debiancve
debiancve