CyberSec.Space Logo
返回 CVE 浏览器

CVE-2016-10730

HIGH
7.8
CVSS Severity Score
EPSS Score0.0430%
EPSS Percentile40.77th
Published2018年10月24日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing the command line argument --star-path.

Affected Platforms (CPE)

📦
Zmanda

Amanda

= 3.3.1
💻
Redhat

Enterprise Linux

= 7.0

References & Advisories

🔗 https://www.exploit-db.com/exploits/39244/
🔗 https://www.exploit-db.com/exploits/39244/

相关漏洞威胁

CVE-2002-090110.0

Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to exec...

CVE-2016-107297.8

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar...

CVE-1999-15177.2

runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user t...

CVE-2016-578810.0

General Electric (GE) Bently Nevada 3500/22M USB with firmware before 5.0 and Bently Nevada 3500/22M Serial have open ports, which...