Vulnerability Name: | CVE-2005-1855 (CCN-20938) | ||||||||
Assigned: | 2005-06-08 | ||||||||
Published: | 2005-06-08 | ||||||||
Updated: | 2008-09-05 | ||||||||
Summary: | Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information. | ||||||||
CVSS v3 Severity: | 4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
| ||||||||
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Obtain Information | ||||||||
References: | Source: MITRE Type: CNA CVE-2005-1855 Source: MITRE Type: CNA CVE-2005-1958 Source: MITRE Type: CNA CVE-2005-2212 Source: CCN Type: SA15615 Backup Manager Exposure of Archive Repository Source: SECUNIA Type: Patch, Vendor Advisory 15615 Source: CCN Type: SA15989 Backup Manager Unspecified Insecure Temporary File Creation Source: CCN Type: SECTRACK ID: 1014124 Backup Manager Discloses `/etc` Files to Local Users Source: SECTRACK Type: Patch 1014124 Source: DEBIAN Type: Patch, Vendor Advisory DSA-787 Source: DEBIAN Type: DSA-787 backup-manager -- insecure permissions and tempfile Source: BID Type: Patch 13892 Source: CCN Type: BID-13892 Backup Manager Archive Repository Disclosure Vulnerability Source: CCN Type: Backup Manager Web site sukria.net - Backup Manager - A small Linux tool for making backups Source: CONFIRM Type: Patch http://www.sukria.net/packages/backup-manager/ Source: MISC Type: UNKNOWN http://www.usenetlinux.com/archive/index.php/t-411815.html Source: XF Type: UNKNOWN backup-archive-information-disclosure(20938) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration 2: Denotes that component is vulnerable | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |