Timeline :
Vulnerabilities discovered by Eric Romang the 2005-09-06
Vendor notified the 2005-09-19
Coordinated vulnerabilities disclosure the 2005-09-20
Reference(s) :
Affected version(s) :
bacula equal or under version 1.36.3
Description :
Bacula contains flaws that may allow a malicious local user to create or overwrite arbitrary files on the system.
The issue is due to scripts/mtx-changer.in creating temporary files in /tmp insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.
The issue is due to /autoconf/randpass creating temporary files in /tmp insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.
The issue is due to /rescue/linux/getdiskinfo creating temporary files in /tmp insecurely. It is possible for a user to use a symlink style attack to manipulate arbitrary files, resulting in a loss of integrity.