Debian Security Advisory

DSA-787-1 backup-manager -- insecure permissions and tempfile

Date Reported:
26 Aug 2005
Affected Packages:
backup-manager
Vulnerable:
Yes
Security database references:
In the Debian bugtracking system: Bug 308897, Bug 315582.
In Mitre's CVE dictionary: CVE-2005-1855, CVE-2005-1856.
More information:

Two bugs have been found in backup-manager, a command-line driven backup utility. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CAN-2005-1855

    Jeroen Vermeulen discovered that backup archives are created with the process's default permissions (those derived from the umask, typically world readable), even though they may contain sensitive information such as configuration files and private data.

  • CAN-2005-1856

    Sven Joachim discovered that the optional CD-burning feature of backup-manager writes its log to a hardcoded filename in a world-writable directory. This is subject to a symlink attack: a local user who creates a symbolic link with that name before the backup runs can make the log output land in an arbitrary file writable by the user running backup-manager.
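
As an added illustration (example code written for this page, not backup-manager's own code), the following POSIX shell script shows both weak patterns beside hardened versions: an archive written under the default umask against one written under umask 077, and a hardcoded log name in a shared directory against a name obtained from mktemp. The working directory, the "shared" directory standing in for /tmp, the "victim" file and the log contents are all constructed for the demo; nothing here refers to real backup-manager file names.

```shell
#!/bin/sh
# Added example for DSA-787: weak and hardened file creation patterns.
# All paths and contents below are constructed for the demonstration.

# Permission string of a path, e.g. -rw-r--r-- (portable through ls).
mode_of() { ls -ld "$1" | cut -c1-10; }

# Weak (CAN-2005-1855 pattern): archive created under the inherited
# umask; with the usual 022 the file ends up world readable.
weak_backup() { ( umask 022; printf 'secret config\n' > "$1" ); }

# Hardened: restrict the umask before creating anything, so the file is
# 0600 from the first byte. A chmod after writing would leave a window
# during which the archive is readable.
safe_backup() { ( umask 077; printf 'secret config\n' > "$1" ); }

# Weak (CAN-2005-1856 pattern): $1 is a world-writable directory, the log
# name is predictable, and >> follows whatever symlink sits at that name.
weak_log() { printf 'burn log\n' >> "$1/burn.log"; }

# Hardened: mktemp creates an unpredictable name with O_EXCL and mode 0600,
# so a symlink planted in advance is never followed. Prints the path.
safe_log() {
    log=$(mktemp "$1/burn.XXXXXX") || return 1
    printf 'burn log\n' >> "$log"
    printf '%s\n' "$log"
}

# Attacker step: $1 is the shared directory, $2 the file to clobber.
plant_symlink() { ln -s "$2" "$1/burn.log"; }

# True when file $1 holds exactly the text $2 (trailing newline ignored).
file_is() { [ "$(cat "$1")" = "$2" ]; }

demo() {
    work=$(mktemp -d) || return 1
    shared="$work/shared"; mkdir -m 1777 "$shared"      # stands in for /tmp
    victim="$work/victim"; printf 'important data\n' > "$victim"

    weak_backup "$work/weak.tar"; echo "weak backup: $(mode_of "$work/weak.tar")"
    safe_backup "$work/safe.tar"; echo "safe backup: $(mode_of "$work/safe.tar")"

    plant_symlink "$shared" "$victim"     # attacker runs before the backup
    weak_log "$shared"
    file_is "$victim" 'important data' || echo "weak log: victim clobbered through symlink"

    log=$(safe_log "$shared")
    echo "safe log: $log $(mode_of "$log")"
    file_is "$victim" 'important data' && echo "safe log: victim untouched"
    rm -rf "$work"
}

demo
```

Run it with `sh`; the demo runs everything as one user, which is why the symlink is followed. On Linux 3.6 and later, setting `fs.protected_symlinks=1` makes the kernel refuse to follow a symlink in a sticky world-writable directory when the link's owner differs from the process following it, which blunts the second issue on default installs, but the correct fix remains an unpredictable name created with O_EXCL, as mktemp does.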

The old stable distribution (woody) does not provide the backup-manager package.

For the stable distribution (sarge) these problems have been fixed in version 0.5.7-1sarge1.

For the unstable distribution (sid) these problems have been fixed in version 0.5.8-2.

We recommend that you upgrade your backup-manager package.

Fixed in:

Debian GNU/Linux 3.1 (sarge)

Source:
http://security.debian.org/pool/updates/main/b/backup-manager/backup-manager_0.5.7-1sarge1.dsc
http://security.debian.org/pool/updates/main/b/backup-manager/backup-manager_0.5.7-1sarge1.diff.gz
http://security.debian.org/pool/updates/main/b/backup-manager/backup-manager_0.5.7.orig.tar.gz
Architecture-independent component:
http://security.debian.org/pool/updates/main/b/backup-manager/backup-manager_0.5.7-1sarge1_all.deb

MD5 checksums of the listed files are available in the original advisory.