Published: 05/10/2005 Updated: 05/09/2008

CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9

VMScore: 187

Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

StoreBackup prior to 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
storebackup storebackup 1.12.1
storebackup storebackup 1.12.2
storebackup storebackup 1.13
storebackup storebackup 1.14
storebackup storebackup 1.5
storebackup storebackup 1.6
storebackup storebackup 1.7
storebackup storebackup 1.8
storebackup storebackup 1.10.1
storebackup storebackup 1.12
storebackup storebackup 1.15
storebackup storebackup 1.16.1
storebackup storebackup 1.17
storebackup storebackup 1.18.4
storebackup storebackup 1.3
storebackup storebackup 1.9
storebackup storebackup 1.1
storebackup storebackup 1.18
storebackup storebackup 1.18.1
storebackup storebackup 1.18.2
storebackup storebackup 1.18.3
storebackup storebackup 1.10
storebackup storebackup 1.11
storebackup storebackup 1.16
storebackup storebackup 1.16.2
storebackup storebackup 1.2
storebackup storebackup 1.4
storebackup storebackup 1.8.1
storebackup storebackup 1.9.1
suse suse linux

Several vulnerabilities have been discovered in the backup utility storebackup The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-3146 Storebackup creates a temporary file predictably, which can be exploited to overwrite arbitrary files on the system with a symlink attack CVE-2005-3147 Th ...

NVD-CWE-Other http://sourceforge.net/project/shownotes.php?release_id=352676 http://www.securityfocus.com/advisories/9384 http://secunia.com/advisories/17025 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332434 http://www.us.debian.org/security/2006/dsa-1022 http://secunia.com/advisories/19489 https://nvd.nist.gov https://www.debian.org/security/./dsa-1022

CVE-2005-3147

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect