Pcahyna

#40505 of 53,632
6.7 Total CVSS
Vulnerabilities · 1
PT-2023-13547
6.7
2023-01-30
Amanda · Amanda · CVE-2022-37704
**Name of the Vulnerable Software and Affected Versions**

Amanda version 3.5.1

**Description**

The issue allows privilege escalation from the regular user backup to root. A SUID binary located at /lib/amanda/rundump executes /usr/sbin/dump as root with attacker-controlled arguments, which may lead to escalation of privileges, denial of service, and information disclosure.

**Recommendations**

For Amanda version 3.5.1, consider restricting access to the SUID binary located at /lib/amanda/rundump to minimize the risk of exploitation. As a temporary workaround, consider disabling the execution of /usr/sbin/dump by the SUID binary until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.