CVE-2020-11061

In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in Bareos versions 19.2.8, 18.2.9 and 17.2.10.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:bareos:bareos:*:*:*:*:*:*:*:*
cpe:2.3:a:bareos:bareos:*:*:*:*:*:*:*:*
cpe:2.3:a:bareos:bareos:18.2.4:rc1:*:*:*:*:*:*
cpe:2.3:a:bareos:bareos:18.2.4:rc2:*:*:*:*:*:*
cpe:2.3:a:bareos:bareos:*:*:*:*:*:*:*:*
cpe:2.3:a:bareos:bareos:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Information

Published : 2020-07-10 13:15

Updated : 2023-01-27 11:11


NVD link : CVE-2020-11061

Mitre link : CVE-2020-11061


JSON object : View

CWE
CWE-122

Heap-based Buffer Overflow

Advertisement

dedicated server usa

Products Affected

debian

  • debian_linux

bareos

  • bareos