VulnerableCode Package Details - pkg:deb/debian/bacula@1.36.2-2sarge1

Search for packages

Vulnerability	Summary	Fixed by
VCID-1vu9-xzw9-kfe2 Aliases: CVE-2005-2096	zlib DoS	1.38.11-8 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-497r-ewba-b7a3 Aliases: CVE-2005-2995	bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in.	1.38.11-8 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-dasb-atv1-53ck Aliases: CVE-2020-11061	In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in Bareos versions 19.2.8, 18.2.9 and 17.2.10.	9.6.7-3 Affected by 0 other vulnerabilities.
VCID-k9yc-qbqn-uyaf Aliases: CVE-2008-5373	bacula-common: Insecure temporary file use in autochangers (symlink attack)	2.4.4-1 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-p2nz-7xyf-jqbw Aliases: CVE-2012-4430	A vulnerability in Bacula may allow remote attackers to obtain sensitive information.	5.2.6+dfsg-9 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-v7mu-11py-d7ek Aliases: CVE-2007-5626	A vulnerability in Bacula may allow local attackers to obtain sensitive information.	5.0.2-2.2+squeeze1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-1vu9-xzw9-kfe2
Aliases:
CVE-2005-2096

zlib DoS

1.38.11-8
Affected by 4 other vulnerabilities.

VCID-497r-ewba-b7a3
Aliases:
CVE-2005-2995

bacula 1.36.3 and earlier allows local users to modify or read sensitive files via symlink attacks on (1) the temporary file used by autoconf/randpass when openssl is not available, or (2) the mtx.[PID] temporary file in mtx-changer.in.

1.38.11-8
Affected by 4 other vulnerabilities.

VCID-dasb-atv1-53ck
Aliases:
CVE-2020-11061

In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initialization of a verify job. Disabling verify jobs mitigates the problem. This issue is also patched in Bareos versions 19.2.8, 18.2.9 and 17.2.10.

9.6.7-3
Affected by 0 other vulnerabilities.

VCID-k9yc-qbqn-uyaf
Aliases:
CVE-2008-5373

bacula-common: Insecure temporary file use in autochangers (symlink attack)

2.4.4-1
Affected by 3 other vulnerabilities.

VCID-p2nz-7xyf-jqbw
Aliases:
CVE-2012-4430

A vulnerability in Bacula may allow remote attackers to obtain sensitive information.

5.2.6+dfsg-9
Affected by 1 other vulnerability.

VCID-v7mu-11py-d7ek
Aliases:
CVE-2007-5626

A vulnerability in Bacula may allow local attackers to obtain sensitive information.

5.0.2-2.2+squeeze1
Affected by 2 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T22:02:23.184313+00:00	Debian Oval Importer	Affected by	VCID-497r-ewba-b7a3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:56:22.559069+00:00	Debian Oval Importer	Affected by	VCID-1vu9-xzw9-kfe2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:45:18.131486+00:00	Debian Oval Importer	Affected by	VCID-p2nz-7xyf-jqbw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:41:42.233822+00:00	Debian Oval Importer	Affected by	VCID-v7mu-11py-d7ek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:07:21.789227+00:00	Debian Oval Importer	Affected by	VCID-dasb-atv1-53ck	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:17:04.624084+00:00	Debian Oval Importer	Affected by	VCID-k9yc-qbqn-uyaf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T21:40:32.659781+00:00	Debian Oval Importer	Affected by	VCID-497r-ewba-b7a3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:34:43.412679+00:00	Debian Oval Importer	Affected by	VCID-1vu9-xzw9-kfe2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:23:57.980878+00:00	Debian Oval Importer	Affected by	VCID-p2nz-7xyf-jqbw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T18:26:06.478828+00:00	Debian Oval Importer	Affected by	VCID-v7mu-11py-d7ek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:52:58.031473+00:00	Debian Oval Importer	Affected by	VCID-dasb-atv1-53ck	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:03:35.800326+00:00	Debian Oval Importer	Affected by	VCID-k9yc-qbqn-uyaf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T21:18:30.662372+00:00	Debian Oval Importer	Affected by	VCID-497r-ewba-b7a3	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:12:54.411212+00:00	Debian Oval Importer	Affected by	VCID-1vu9-xzw9-kfe2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:02:33.552901+00:00	Debian Oval Importer	Affected by	VCID-p2nz-7xyf-jqbw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:11:57.343557+00:00	Debian Oval Importer	Affected by	VCID-v7mu-11py-d7ek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:39:52.112288+00:00	Debian Oval Importer	Affected by	VCID-dasb-atv1-53ck	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:52:57.201287+00:00	Debian Oval Importer	Affected by	VCID-k9yc-qbqn-uyaf	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0