CVE-2022-37704 (amanda) | allinfosecnews.com

April 16, 2023, 1:15 a.m. |

National Vulnerability Database web.nvd.nist.gov

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure.

amanda backup binary cve denial of service disclosure escalation information information disclosure may privilege privilege escalation privileges root service

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov

android bypass check cve +10

Director, Cyber Risk

@ Kroll | South Africa

View on infosec-jobs.com

Security Engineer, XRM

@ Meta | New York City

View on infosec-jobs.com

Security Analyst 3

@ Oracle | Romania

View on infosec-jobs.com

Internship - Cyber Security Operations

@ SES | Betzdorf, LU

View on infosec-jobs.com

Principal Product Manager (Network/Security Management) - NetSec

@ Palo Alto Networks | Bengaluru, India

View on infosec-jobs.com

IT Security Engineer

@ Timocom GmbH | Erkrath, Germany

View on infosec-jobs.com