CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-30577
https://notcve.org/view.php?id=CVE-2023-30577
AMANDA (Advanced Maryland Automatic Network Disk Archiver) before tag-community-3.5.4 mishandles argument checking for runtar.c, a different vulnerability than CVE-2022-37705. • https://github.com/zmanda/amanda/releases/tag/tag-community-3.5.4 https://github.com/zmanda/amanda/security/advisories/GHSA-crrw-v393-h5q3 https://lists.debian.org/debian-lts-announce/2023/12/msg00003.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7OITHG7FBD7HQRX2XT75GSGWB3D6XSZU https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YYGJJARVLRBMNWSNXKZBXZNX3M53OVPA • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 1CVE-2022-37705
https://notcve.org/view.php?id=CVE-2022-37705
A privilege escalation flaw was found in Amanda 3.5.1 in which the backup user can acquire root privileges. The vulnerable component is the runtar SUID program, which is a wrapper to run /usr/bin/tar with specific arguments that are controllable by the attacker. This program mishandles the arguments passed to tar binary (it expects that the argument name and value are separated with a space; however, separating them with an equals sign is also supported), • https://github.com/MaherAzzouzi/CVE-2022-37705 http://www.amanda.org https://github.com/zmanda/amanda/issues/192 https://github.com/zmanda/amanda/pull/194 https://github.com/zmanda/amanda/pull/196 https://github.com/zmanda/amanda/pull/204 https://github.com/zmanda/amanda/releases/tag/tag-community-3.5.3 https://lists.debian.org/debian-lts-announce/2023/12/msg00003.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5DCLSX5YYTWM • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 1CVE-2022-37704
https://notcve.org/view.php?id=CVE-2022-37704
Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure. • https://github.com/MaherAzzouzi/CVE-2022-37704 http://www.amanda.org https://github.com/zmanda/amanda/issues/192 https://github.com/zmanda/amanda/pull/197 https://github.com/zmanda/amanda/pull/205 https://github.com/zmanda/amanda/releases/tag/tag-community-3.5.3 https://lists.debian.org/debian-lts-announce/2023/02/msg00025.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5DCLSX5YYTWMKSMDL67M5STZ5ZDSOXK https://lists.fedoraproject.org/a • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19469
https://notcve.org/view.php?id=CVE-2019-19469
In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= allows CSRF, as demonstrated by command injection with shell metacharacters. This may depend on weak default credentials. En Zmanda Management Console versión 3.3.9, ZMC_Admin_Advanced?form=adminTasks&action=Apply&command= permite un ataque de tipo CSRF, como es demostrado mediante la inyección de comandos con metacaracteres de shell. • https://github.com/robertchrk/zmanda_exploit • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2016-10730
https://notcve.org/view.php?id=CVE-2016-10730
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. • https://www.exploit-db.com/exploits/39244 • CWE-264: Permissions, Privileges, and Access Controls •