CVE-2005-2995
NONE EPSS 31.1%
Published Sep 20, 200520y ago · Modified Jun 16, 20262w ago
Published Sep 20, 2005 20y ago
Last Modified Jun 16, 2026 2w ago
Description
bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in.
Threat Intelligence
EPSS Exploit Probability
31.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| bacula | bacula | * | ≤1.36.3 |
References 4
- bugs.gentoo.org http://bugs.gentoo.org/show_bug.cgi?id=104986
- marc.info http://marc.info/?l=full-disclosure&m=112721654126735&w=2
- novell.com http://www.novell.com/linux/security/advisories/2005_22_sr.html
- zataz.net http://www.zataz.net/adviso/bacula-09192005.txt
Remediation
- bugs.gentoo.org http://bugs.gentoo.org/show_bug.cgi?id=104986
- zataz.net http://www.zataz.net/adviso/bacula-09192005.txt