common/snapshots.py in Back In Time (aka backintime) 0.9.26 changes certain permissions to 0777 before deleting the files in an old backup snapshot, which allows local users to obtain sensitive information by reading these files, or interfere with backup integrity by modifying files that are shared across snapshots.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2009-10-26T16:00:00Z

Updated: 2024-08-07T06:31:10.508Z

Reserved: 2009-10-09T00:00:00Z

Link: CVE-2009-3611

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-10-26T16:30:00.890

Modified: 2024-11-21T01:07:48.000

Link: CVE-2009-3611

cve-icon Redhat

Severity : Important

Publid Date: 2009-08-27T00:00:00Z

Links: CVE-2009-3611 - Bugzilla