Fix: AMANDA buffer overflow vulnerabilities

According to a report on Security Focus, the Advanced Maryland Automatic Network Disk Archiver (AMANDA) contains buffer overflow vulnerabilities.

The report stated: "AMANDA is a backup system which is available for many different Unix-based operating systems. Several setuid and setgid binaries which are installed by this package contain buffer overflow vulnerabilities

that can be used to execute shellcode with elevated privileges.

Additionally, the amindexd daemon contains a remote overflow bug

that can lead to a remote system compromise.

The affected version of AMANDA is an old package but is often used

due to compatibility problems with newer versions. For example,

this package was until recently shipped with the FreeBSD 4.5 ports


Upgrade AMANDA to the latest stable version , which is available

from the developers web site:".

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments