CVE search results

1 – 4 of 4 results

Detailed view

Sort by:

CVE-2020-7040

Medium priority

Some fixes available 3 of 5

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock...

1 affected package

storebackup

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
storebackup	—	—	Fixed	Fixed

CVE-2005-3148

Medium priority

Not affected

StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership.

1 affected package

storebackup

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
storebackup	—	—	—	—

CVE-2005-3147

Medium priority

Not affected

StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.

1 affected package

storebackup

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
storebackup	—	—	—	—

CVE-2005-3146

Medium priority

Not affected

StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files.

1 affected package

storebackup

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
storebackup	—	—	—	—

Search CVE reports