CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2016-10730

HIGH
7.8
CVSS Severity Score
EPSS Score0.0430%
EPSS Percentile40.77th
Published2018年10月24日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing the command line argument --star-path.

Affected Platforms (CPE)

📦
Zmanda

Amanda

= 3.3.1
💻
Redhat

Enterprise Linux

= 7.0

References & Advisories

🔗 https://www.exploit-db.com/exploits/39244/
🔗 https://www.exploit-db.com/exploits/39244/

相關漏洞威脅

CVE-2002-090110.0

Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to exec...

CVE-2016-107297.8

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar...

CVE-1999-15177.2

runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user t...

CVE-2016-103810.0

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader...