Debian Amanda vulnerabilities
7 known vulnerabilities affecting debian/amanda.
Total CVEs: 7
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 1, MEDIUM 3, LOW 3
Vulnerabilities
CVE-2023-30577 | MEDIUM | CVSS 6.7 | fixed in amanda 1:3.5.1-11+deb12u1 (bookworm) | 2023
AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705.
Scope: local
bookworm: resolved (fixed in 1:3.5.1-11+deb12u1)
bullseye: resolved (fixed in 1:3.5.1-7+deb11u1)
sid: resolved (fixed in 1:3.5.1-11.1)
trixie: resolved (fixed in 1:3.5.1-11.1)
debian
CVE-2022-37705 | MEDIUM | CVSS 6.7 | fixed in amanda 1:3.5.1-10 (bookworm) | 2022
A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the arguments passed to tar binary (it expects that the argument name and value
debian
CVE-2022-37704 | MEDIUM | CVSS 6.7 | fixed in amanda 1:3.5.1-10 (bookworm) | 2022
Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure.
Scope: local
bookworm: resolved (fixed in 1:3.5.1-10)
bullseye: resolv
debian
CVE-2022-37703 | LOW | CVSS 3.3 | fixed in amanda 1:3.5.1-10 (bookworm) | 2022
In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the attacker provide an arbitrary path.
Scope: local
bookworm: resolved (fixed in 1:3.5.1-10)
bull
debian
CVE-2016-10730 | LOW (entry tagged [HIGH]) | CVSS 7.8 | fixed in amanda 1:3.3.9-1 (bookworm) | 2016
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing the command line argument --star-path.
Scope: local
bookworm: resolved (f
debian
CVE-2016-10729 | LOW (entry tagged [HIGH]) | CVSS 7.8 | fixed in amanda 1:3.3.9-1 (bookworm) | 2016
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root.
Scope: local
bookworm: resolved (fixed in 1:3.3.9-1)
bullseye: resolved (fix
debian
CVE-2002-0901 | CRITICAL | CVSS 10.0 | fixed in amanda 2.4.0b6-1 (bookworm) | 2002
Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs (2) amcheck, (3) amgetidx, (4) amtrmidx, (5) createindex-dump, or (6) createind
debian