PT-2023-13548 · Amanda+2
Prajwaltr93 · Published 2023-01-30 · Updated 2025-11-04 · CVE-2022-37705
CVSS v3.1: 6.7 (Medium)
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Amanda version 3.5.1
Description
A privilege escalation flaw was found in Amanda, where the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the arguments passed to the tar binary, as it expects the argument name and value to be separated with a space, but also supports separation with an equals sign.
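A simplified model of the separator mismatch described above, as an added example (not Amanda's runtar source and not code from this advisory). The allowlist, the function names and the sample argv are assumptions made for illustration, and every token is treated as an option.

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical allowlist for this sketch: option name and whether it takes a value. */
struct opt { const char *name; int takes_value; };
static const struct opt ALLOWED[] = {
    { "--create", 0 }, { "--file", 1 }, { "--directory", 1 },
};
#define N_ALLOWED (sizeof ALLOWED / sizeof ALLOWED[0])

/* Exact-name lookup over the first len bytes of s. */
static const struct opt *lookup(const char *s, size_t len) {
    for (size_t k = 0; k < N_ALLOWED; k++)
        if (strlen(ALLOWED[k].name) == len && strncmp(ALLOWED[k].name, s, len) == 0)
            return &ALLOWED[k];
    return NULL;
}

/* Flawed model: matches names by prefix and always treats the NEXT token as
 * the value, so after "--file=x" the following option is never checked. */
int check_space_only(int argc, char **argv) {
    for (int i = 0; i < argc; i++) {
        const struct opt *o = NULL;
        for (size_t k = 0; k < N_ALLOWED && !o; k++)
            if (strncmp(argv[i], ALLOWED[k].name, strlen(ALLOWED[k].name)) == 0)
                o = &ALLOWED[k];
        if (!o) return 0;
        if (o->takes_value) i++;   /* assumes the value is a separate token */
    }
    return 1;
}

/* Hardened model: split each token at '=' first, so both spellings are
 * interpreted the same way before the allowlist is consulted. */
int check_both_forms(int argc, char **argv) {
    for (int i = 0; i < argc; i++) {
        const char *eq = strchr(argv[i], '=');
        size_t len = eq ? (size_t)(eq - argv[i]) : strlen(argv[i]);
        const struct opt *o = lookup(argv[i], len);
        if (!o) return 0;                                    /* not allowlisted */
        if (eq && !o->takes_value) return 0;                 /* flag given a value */
        if (!eq && o->takes_value && ++i >= argc) return 0;  /* value missing */
    }
    return 1;
}

int main(void) {
    char *argv[] = { "--create", "--file=a.tar", "--not-allowed" }; /* constructed */
    printf("space-only: %d, both forms: %d\n",
           check_space_only(3, argv), check_both_forms(3, argv));
    return 0;
}
```

The same principle applies to any privileged wrapper: the validator has to tokenize arguments exactly as the wrapped program does, or reject every spelling it does not itself parse.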
Recommendations
For Amanda version 3.5.1, consider restricting access to the runtar SUID program until a patch is available. As a temporary workaround, avoid using arguments that separate names and values with an equals sign when interacting with the tar binary through the runtar program.
Exploit
Fix
Argument Injection
Weakness Enumeration
Related Identifiers
Affected Products
Amanda
Linuxmint
Ubuntu