Oval Definition:	oval:org.opensuse.security:def:201610729
Revision Date: 2022-05-22 Version: 1 Title: CVE-2016-10729 Description: An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root. Family: unix Class: vulnerability Status: Reference(s): CVE-2016-10729 SUSE-SU-2018:4121-1 openSUSE-SU-2018:3804-1 Mitre CVE-2016-10729 SUSE CVE-2016-10729 SUSE-SU-2018:4121-1 openSUSE-SU-2018:3804-1 Platform(s): openSUSE Leap 42.3 SUSE Linux Enterprise Server 11 SP1-TERADATA SUSE Linux Enterprise Server 11 SP3-TERADATA SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis Release Information SUSE OpenStack Cloud 8 is installed OR SUSE OpenStack Cloud Crowbar 8 is installed AND permissions is affected Definition Synopsis openSUSE Leap 42.3 is installed AND Package Information amanda-3.3.6-10.3 is installed AND amanda is signed with openSUSE key Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND amanda-2.5.2.1-188.5 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3-TERADATA is installed AND amanda-2.5.2.1-188.5 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND amanda-2.5.2.1-188.5 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP1-TERADATA is installed OR SUSE Linux Enterprise Server 11 SP3-TERADATA is installed AND amanda-2.5.2.1-188.5.1 is installed OR Package Information SUSE Linux Enterprise Server 11 SP4 is installed OR SUSE Linux Enterprise Server for SAP Applications 11 SP4 is installed AND amanda-2.5.2.1-188.5.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND permissions is affected Definition Synopsis Release Information SUSE OpenStack Cloud 9 is installed OR SUSE OpenStack Cloud Crowbar 9 is installed AND permissions is affected
BACK