Back to bug 2126847
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Sandipan Roy | 2022-09-14 14:31:40 UTC | CC | fedora, jridky, j, phracek, rvokal | |
| Sandipan Roy | 2022-09-14 14:31:54 UTC | Blocks | 2126837 | |
| Sandipan Roy | 2022-09-14 14:34:58 UTC | Depends On | 2126848, 2126849 | |
| Sandipan Roy | 2022-09-26 05:20:04 UTC | Doc Text | In Amanda, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the attacker provide an arbitrary path. | |
| RaTasha Tillery-Smith | 2022-09-26 11:22:05 UTC | Doc Text | In Amanda, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the attacker provide an arbitrary path. | An information leak vulnerability was found in Amanda in the calcsize SUID binary. This flaw allows an attacker to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the attacker provide an arbitrary path. |
| Red Hat Bugzilla | 2023-07-07 08:29:20 UTC | Assignee | security-response-team | nobody |
Back to bug 2126847