CVE-2005-2995

Published: Sep 20, 2005

Modified: Aug 7, 2024

PUBLISHED

Description

bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.zataz.net/adviso/bacula-09192005.txt

x_refsource_MISC

20050920 bacula insecure temporary file creation

mailing-list

x_refsource_FULLDISC

SUSE-SR:2005:022

vendor-advisory

x_refsource_SUSE

http://bugs.gentoo.org/show_bug.cgi?id=104986

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2005-2995

Description

Affected Products

References