PT-2023-8692 · Amanda+2 · Amanda+2

Silmort

Publicado

2023-07-26

Atualizado

2025-11-04

CVE-2023-30577

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions AMANDA versions prior to 3.5.4

Description The issue is related to the mishandling of argument checking for runtar.c in the AMANDA software, which can be exploited to elevate privileges. This is a different issue than previously reported problems.

Recommendations For versions prior to 3.5.4, update to version 3.5.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the runtar.c component to minimize the risk of exploitation.

Exploit

Correção

Improper Neutralization

Argument Injection

Special Elements Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-707CWE-88CWE-74

Identificadores relacionados

BDU:2024-01572

CVE-2023-30577

DLA-3681-1

DLA-3880-1

GHSA-CRRW-V393-H5Q3

OESA-2023-1507

OPENSUSE-SU-2023:0205-1

OPENSUSE-SU-2023:0206-1

OPENSUSE-SU-2024:13083-1

USN-6614-1

Produtos afetados

Amanda

Linuxmint

Ubuntu

PT-2023-8692 · Amanda+2 · Amanda+2

CVE-2023-30577

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 36