SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Your Ad Here
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Generic)  >  Backup Manager Vendors:  Sukrieh, Alexis et al
Backup Manager Discloses '/etc' Files to Local Users
SecurityTracker Alert ID:  1014124
SecurityTracker URL:  http://securitytracker.com/id?1014124
CVE Reference:  CVE-2005-1855   (Links to External Site)
Updated:  Nov 2 2008
Original Entry Date:  Jun 7 2005
Impact:  Disclosure of system information, Disclosure of user information
Exploit Included:  Yes   Vendor Confirmed:  Yes  
Version(s): prior to 0.5.8
Description:  A vulnerability was reported in Backup Manager. A local user can view potentially restricted files.

The software creates backup files in a world-readable location. In the default configuration, the software stores a world-readable tar file of the '/etc' directory in the '/var/backups' directory. This allows a local user to view the tar file to gain access to copies of the files from the '/etc' directory.

Jeroen Vermeulen reported this vulnerability.
Impact:  A local user can view copies of files from the '/etc' directory.
Solution:  The vendor has included a fix in the pending version 0.5.8, to be available at:

http://www.sukria.net/packages/backup-manager/
http://www.sukria.net/packages/backup-manager/sources/
Vendor URL:  www.sukria.net/packages/backup-manager/ (Links to External Site)
Cause:  Access control error
Underlying OS:  Linux (Any), UNIX (Any)
Reported By:  jtv@thaiopensource.org (Jeroen Vermeulen)
Message History:   None.

 Source Message Contents
Date:  Fri, 13 May 2005 12:04:50 +0700
From:  jtv@thaiopensource.org (Jeroen Vermeulen)
Subject:  backup-manager: secure repository

 
 
Creating a world-readable repository would be a serious security breach.
I may be mistaken, but AFAICS the installation script fails to check
this or warn about it.  It doesn't enforce it in any case; I just
realized I had a world-readable repository in a working setup.
 
Are there any steps that can be taken to encourage secure configuration,
e.g. creating the repository at installation time with root-only access
rights, or chmod'ing it if it already exists?  Or alternatively, create
the backups with root-only access rights and/or encrypt them.


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2007, SecurityGlobal.net LLC