Local File Manipulation Vulnerability in Bacula 1.36.3 and Earlier

Local File Manipulation Vulnerability in Bacula 1.36.3 and Earlier

CVE-2005-2995 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:P/A:N

bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in.

Learn more about our User Device Pen Test.