Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3148

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2005-3148
Last Modified 05 Sep 2008 04:53:35
Published 05 Oct 2005 05:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-3148

Summary

StoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership.

Vulnerable Systems

Operating System

  • Suse Linux

Application

  • Storebackup 1.1

  • Storebackup 1.10

  • Storebackup 1.10.1

  • Storebackup 1.11

  • Storebackup 1.12

  • Storebackup 1.12.1

  • Storebackup 1.12.2

  • Storebackup 1.13

  • Storebackup 1.14

  • Storebackup 1.15

  • Storebackup 1.16

  • Storebackup 1.16.1

  • Storebackup 1.16.2

  • Storebackup 1.17

  • Storebackup 1.18

  • Storebackup 1.18.1

  • Storebackup 1.18.2

  • Storebackup 1.18.3

  • Storebackup 1.18.4

  • Storebackup 1.2

  • Storebackup 1.3

  • Storebackup 1.4

  • Storebackup 1.5

  • Storebackup 1.6

  • Storebackup 1.7

  • Storebackup 1.8

  • Storebackup 1.8.1

  • Storebackup 1.9

  • Storebackup 1.9.1


References

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=352676

DEBIAN - DSA-1022

SUSE - SUSE-SR:2005:021

SECUNIA - 19489

SECUNIA - 17025

MISC - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332434


Last Updated: 27 May 2016 10:40:48