CVE-2022-37704

2023-01-3000:00:00

ubuntu.com

amanda 3.5.1

privilege escalation

rundump

suid binary

/lib/amanda

/usr/sbin/dump

denial of service

information disclosure

CVSS3

6.7

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

14.6%

JSON

Amanda 3.5.1 allows privilege escalation from the regular user backup to
root. The SUID binary located at /lib/amanda/rundump will execute
/usr/sbin/dump as root with controlled arguments from the attacker which
may lead to escalation of privileges, denial of service, and information
disclosure.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029829>

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchamanda< 1:3.5.1-1ubuntu0.3UNKNOWN
ubuntu20.04noarchamanda< 1:3.5.1-2ubuntu0.3UNKNOWN
ubuntu22.04noarchamanda< 1:3.5.1-8ubuntu1.3UNKNOWN
ubuntu22.10noarchamanda< 1:3.5.1-9ubuntu0.3UNKNOWN
ubuntu23.04noarchamanda< 1:3.5.1-11UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	amanda	< 1:3.5.1-1ubuntu0.3	UNKNOWN
ubuntu	20.04	noarch	amanda	< 1:3.5.1-2ubuntu0.3	UNKNOWN
ubuntu	22.04	noarch	amanda	< 1:3.5.1-8ubuntu1.3	UNKNOWN
ubuntu	22.10	noarch	amanda	< 1:3.5.1-9ubuntu0.3	UNKNOWN
ubuntu	23.04	noarch	amanda	< 1:3.5.1-11	UNKNOWN