CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-0901

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0190%
EPSS Percentile0.39th
Published2002年10月4日
Last Modified2026年4月16日

Vulnerability Description

Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs (2) amcheck, (3) amgetidx, (4) amtrmidx, (5) createindex-dump, or (6) createindex-gnutar.

Affected Platforms (CPE)

📦
Amanda

Amanda

= 2.3.0.4

References & Advisories

🔗 http://online.securityfocus.com/archive/1/274215
🔗 http://www.iss.net/security_center/static/9181.php
🔗 http://www.iss.net/security_center/static/9182.php
🔗 http://www.securityfocus.com/bid/4836
🔗 http://www.securityfocus.com/bid/4840
🔗 http://online.securityfocus.com/archive/1/274215
🔗 http://www.iss.net/security_center/static/9181.php
🔗 http://www.iss.net/security_center/static/9182.php

関連する脆弱性情報

CVE-2016-107297.8

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar...

CVE-2016-107307.8

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is a...

CVE-1999-15177.2

runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user t...

CVE-2002-074710.0

Buffer overflow in lsmcode in AIX 4.3.3.