CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2012-4430
https://notcve.org/view.php?id=CVE-2012-4430
The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors. La función dump_resource de dird/dird_conf.c en Bacula anteriores a v5.2.11 no hace cumplir correctamente las reglas ACL, permitiendo a usuarior remotos autenticados obtener volcados de la información de recursos mediante vectores no especificados. • http://secunia.com/advisories/50535 http://secunia.com/advisories/50808 http://sourceforge.net/projects/bacula/files/bacula/5.2.12/ReleaseNotes/view http://www.bacula.org/en/?page=news http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905 http://www.debian.org/security/2012/dsa-2558 http://www.mandriva.com/security/advisories?name=MDVSA-2012:166 http://www.openwall.com/lists/oss-security/2012/09/14/11 http://www.openwall.com/lists/ • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.9EPSS: 0%CPEs: 1EXPL: 0CVE-2008-5373
https://notcve.org/view.php?id=CVE-2008-5373
mtx-changer.Adic-Scalar-24 in bacula-common 2.4.2 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/mtx.##### temporary file, probably a related issue to CVE-2005-2995. mtx-changer.Adic-Scalar-24 in bacula-common v2.4.2, permite a usuarios locales sobrescribir ficheros de su elección a través de un enlace de ataque simbólico sobre el fichero temporal /tmp/mtx.#####. Cuestion probablemente relacionada con el CVE-2005-2995. • http://lists.debian.org/debian-devel/2008/08/msg00347.html http://uvw.ru/report.sid.txt • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-5626
https://notcve.org/view.php?id=CVE-2007-5626
make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network. make_catalog_backup en Bacula 2.2.5, y posiblemente anteriores, envíe una contraseña MySQL como un argumento de línea de comando, y algunas veces transmite un e-mail en texto plano conteniendo esta línea de comando, lo cual permite a atacantes dependientes del contexto obtener la contraseña listando el proceso y sus argumentos, o realizando sniffing en la red. • http://bugs.bacula.org/view.php?id=990 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446809 http://osvdb.org/41861 http://secunia.com/advisories/27243 http://secunia.com/advisories/31184 http://security.gentoo.org/glsa/glsa-200807-10.xml http://www.securityfocus.com/bid/26156 http://www.vupen.com/english/advisories/2007/3572 https://exchange.xforce.ibmcloud.com/vulnerabilities/37336 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2995
https://notcve.org/view.php?id=CVE-2005-2995
bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in. • http://bugs.gentoo.org/show_bug.cgi?id=104986 http://marc.info/?l=full-disclosure&m=112721654126735&w=2 http://www.novell.com/linux/security/advisories/2005_22_sr.html http://www.zataz.net/adviso/bacula-09192005.txt •