CVE-2005-3148

NameCVE-2005-3148
DescriptionStoreBackup before 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1022-1
NVD severitymedium (attack range: local)
Debian Bugs332434

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
storebackup (PTS)wheezy, buster, sid, jessie, stretch3.2.1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
storebackupsource(unstable)1.19-1medium332434
storebackupsourcesarge1.18.4-2sarge1mediumDSA-1022-1

Search for package or bug name: Reporting problems