CVE-2022-37704

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary located at /lib/amanda/rundump will execute /usr/sbin/dump as root with controlled arguments from the attacker which may lead to escalation of privileges, denial of service, and information disclosure.

References

Affected packages

Debian:11 / amanda

Package

Name: amanda
Purl: pkg:deb/debian/amanda?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.1-7+deb11u1

Affected versions

1:3.*

1:3.5.1-7

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / amanda

Package

Name: amanda
Purl: pkg:deb/debian/amanda?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.1-10

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / amanda

Package

Name: amanda
Purl: pkg:deb/debian/amanda?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:3.5.1-10

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/zmanda/amanda

Affected ranges

Type: GIT
Repo: https://github.com/zmanda/amanda
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

60032f14aeefe63d2b92e01496667315430c5923

Affected versions

subtag-2.*

subtag-2.6.0.beta1

subtag-2.6.0.beta2

subtag-3.*

subtag-3.5

subtag-3.5.1

subtag-community-3.*

subtag-community-3.5

subtag-community-3.5.1

tag-2.*

tag-2.5.2

tag-2.5.2.beta1

tag-2.5.x-perl

tag-2.6.0

tag-2.6.0.beta2

tag-2.6.1

tag-3.*

tag-3.1.x

tag-3.2.0.beta1

tag-3.2.x

tag-3.3.x

tag-3.4.x

tag-3.5-github-master

tag-3.5.1.internal

tag-3.5.rel

tag-3.5.x

tag-community-3.*

tag-community-3.5

tag-community-3.5.1

tag-community-3.5.2

tag-core-3.*

tag-core-3.6.rel