backup software vulnerabilities
vulnerabilities.aspcode.net
Searching backup software vulnerabilities
A Windows NT Primary Domain Controller (PDC) or Backup Domain Controller (BDC) is present.
The recover program in Solstice Backup allows local users to restore sensitive files.
EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID.
EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token.
Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050.
xmysqladmin 1.0 and earlier allows local users to delete arbitrary files via a symlink attack on a database backup file in /tmp.
Backup Manager 0.5.8a creates an archive repository with world readable and writable permissions, which allows attackers to modify or read the repository.
StoreBackup before 1.19 creates the backup root with world-readable permissions, which allows local users to obtain sensitive information.
IPCop (aka IPCop Firewall) before 1.4.10 has world-readable permissions for the backup.key file, which might allow local users to overwrite system configuration files and gain privileges by creating a malicious encrypted backup archive owned by "nobody", then executing ipcoprscfg to restore from this backup.
Race condition in IPCop (aka IPCop Firewall) before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by "nobody" but not yet encrypted, then executing ipcoprscfg to restore from this backup.
EMC Dantz Retrospect 7 backup client 7.0.107, and other versions before 7.0.109, and 6.5 before 6.5.138 allows remote attackers to cause a denial of service (client termination and loss of backup service) via a malformed packet to TCP port 497, which triggers an assert error.
Format string vulnerability in the Job Engine service (bengine.exe) in the Media Server in Veritas Backup Exec 10d (10.1) for Windows Servers rev. 5629, Backup Exec 10.0 for Windows Servers rev. 5520, Backup Exec 10.0 for Windows Servers rev. 5484, and Backup Exec 9.1 for Windows Servers rev. 4691, when the job log mode is Full Detailed (aka Full Details), allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via a crafted filename on a machine that is backed up by Backup Exec.
The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predictable filenames for database backups and stores the files under the web root with insufficient access control, which allows remote attackers to obtain sensitive information by downloading a backup file.
backup/backup_scheduled.php in Moodle before 1.6.2 generates trace data with the full backup pathname even when debugging is disabled, which might allow attackers to obtain the pathname.
Web Directory Pro allows remote attackers to (1) back up the database and obtain the backup via a direct request to admin/backup_db.php or (2) modify configuration via a direct request to admin/options.php.
Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.
AlstraSoft Web Host Directory stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a backup database via a direct request for admin/backup/db.
BEA WebLogic Server 8.1 through 8.1 SP5 improperly stores cleartext data in a backup of config.xml after offline editing, which allows local users to obtain sensitive information by reading this backup file.
lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
Buffer overflow in backup/src/vmsbackup.c (aka the backup utility) in FreeVMS before 0.3.6 might allow local users to gain privileges via a long string in response to an "extract [ny]" prompt.
Software vulnerabilities results 1 to 20 of 108