4

CVE-2012-4430

The dump_resource function in dird/dird_conf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
BaculaBacula Version < 5.2.11
DebianDebian Linux Version6.0
DebianDebian Linux Version7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.68% 0.838
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/50535
Third Party Advisory
http://secunia.com/advisories/50808
Third Party Advisory
http://sourceforge.net/projects/bacula/files/bacula/5.2.12/ReleaseNotes/view
Third Party Advisory
http://www.bacula.org/en/?page=news
Vendor Advisory
http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905
Patch
Vendor Advisory
http://www.debian.org/security/2012/dsa-2558
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2012:166
Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/09/14/11
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2012/09/14/12
Third Party Advisory
Mailing List
http://www.openwall.com/lists/oss-security/2012/09/15/2
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/55505
Third Party Advisory
VDB Entry