Privilege Escalation Vulnerability in Amanda 3.3.1

Privilege Escalation Vulnerability in Amanda 3.3.1

CVE-2016-10730 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing the command line argument --star-path.

Learn more about our Api Penetration Testing.