CVE-2005-2995

NONE EPSS 31.1%
Published Sep 20, 200520y ago · Modified Jun 16, 20262w ago
Find Similar
Published Sep 20, 2005 20y ago
Last Modified Jun 16, 2026 2w ago

Description

bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in.

Threat Intelligence

EPSS Exploit Probability
31.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 1

VendorProductVersionRange
baculabacula* ≤1.36.3

References 4

  • bugs.gentoo.org http://bugs.gentoo.org/show_bug.cgi?id=104986
    PatchThird Party Advisory
  • marc.info http://marc.info/?l=full-disclosure&m=112721654126735&w=2
    Mailing ListThird Party Advisory
  • novell.com http://www.novell.com/linux/security/advisories/2005_22_sr.html
    Third Party Advisory
  • zataz.net http://www.zataz.net/adviso/bacula-09192005.txt
    PatchThird Party Advisory

Remediation

  • bugs.gentoo.org http://bugs.gentoo.org/show_bug.cgi?id=104986
    PatchThird Party Advisory
  • zataz.net http://www.zataz.net/adviso/bacula-09192005.txt
    PatchThird Party Advisory