Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Debian Local Security Checks --> Category: infos

[DSA1022] DSA-1022-1 storebackup Vulnerability Scan

Vulnerability Scan Summary
DSA-1022-1 storebackup

Detailed Explanation for this Vulnerability Test

Several vulnerabilities have been discovered in the backup utility
storebackup. The Common Vulnerabilities and Exposures project identifies
the following problems:
Storebackup creates a temporary file predictably, which can be
exploited to overwrite arbitrary files on the system with a symlink
The backup root directory wasn't created with fixed permissions, which may lead to
inproper permissions if the umask is too lax.
The user and group rights of symlinks are set incorrectly when making
or restoring a backup, which may leak sensitive data.
The old stable distribution (woody) doesn't contain storebackup packages.
For the stable distribution (sarge) these problems have been fixed in
version 1.18.4-2sarge1.
For the unstable distribution (sid) these problems have been fixed in
version 1.19-2.
We recommend that you upgrade your storebackup package.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.