CVE-2022-37703

LOW

Amanda 3.5.1 - Directory Existence Disclosure via calcsize SUID Binary

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-37703. PoCs published by MaherAzzouzi.

AI-analyzed exploit summary: The repository describes an information disclosure vulnerability in Amanda 3.5.1's calcsize SUID binary, where an attacker can check the existence of arbitrary directories via `opendir()` without proper path validation. The PoC involves running the binary with specific arguments to infer directory existence based on error output.

Description

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to learn whether a directory exists anywhere on the filesystem. The binary calls `opendir()` as root without checking the path, which lets the attacker supply an arbitrary path.

Exploits (1)

nomisec WRITEUP 3 stars
by MaherAzzouzi · poc
https://github.com/MaherAzzouzi/CVE-2022-37703


Classification: Writeup 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: Amanda 3.5.1
Auth required
Prerequisites: Access to the calcsize binary as the 'backup' user
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3 3.3
EPSS 0.0068
EPSS Percentile 47.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE CWE-22
Status published
Products (1)
amanda/amanda 3.5.1
Published Sep 13, 2022
Tracked Since Feb 18, 2026