Search CVE reports


Toggle filters

1 – 4 of 4 results


CVE-2020-7040

Medium priority

Some fixes available 3 of 5

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock...

1 affected package

storebackup

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
storebackup Fixed Fixed Fixed
Show less packages

CVE-2005-3148

Unknown priority
Not affected

StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership.

1 affected package

storebackup

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
storebackup
Show less packages

CVE-2005-3147

Unknown priority
Not affected

StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.

1 affected package

storebackup

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
storebackup
Show less packages

CVE-2005-3146

Unknown priority
Not affected

StoreBackup before 1.19 allows local users to perform unauthorized operations on arbitrary files via a symlink attack on temporary files.

1 affected package

storebackup

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
storebackup
Show less packages