Debian 10: DLA-3681-1 moderate: amanda privilege escalation and info leak
debian lts
December 3, 2023
Multiple vulnerabilties have been found in Amanda,a backup system designed to archive many computers on a network to a single large-capacity tape drive
Topics Covered
Summary
CVE-2022-37703
In Amanda 3.5.1, an information leak vulnerability was found in the
calcsize SUID binary. An attacker can abuse this vulnerability to
know if a directory exists or not anywhere in the fs. The binary
will use `opendir()` as root directly without checking the path,
letting the attacker provide an arbitrary path.
CVE-2022-37705
A privilege escalation flaw was found in Amanda 3.5.1 in which the
backup user can acquire root privileges. The vulnerable component is
the runtar SUID program, which is a wrapper to run /usr/bin/tar with
specific arguments that are controllable by the attacker. This
program mishandles the arguments passed to tar binary.
CVE-2023-30577
The SUID binary "runtar" can accept the possibly malicious GNU tar
options if fed with some non-argument option starting with
"--exclude" (say --exclude-vcs). The following option will be
accepted as "good" and it could be an option passing some
PREVIOUS
NEXT
Package: amanda
Version: 1:3.5.1-2+deb10u2
CVE ID: CVE-2022-37703 CVE-2022-37705 CVE-2023-30577
Debian Bug: 1021017 1029829 1055253
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!