High severity7.1NVD Advisory· Published Oct 26, 2009· Updated Jun 16, 2026
CVE-2009-3611
CVE-2009-3611
Description
common/snapshots.py in Back In Time (aka backintime) 0.9.26 changes certain permissions to 0777 before deleting the files in an old backup snapshot, which allows local users to obtain sensitive information by reading these files, or interfere with backup integrity by modifying files that are shared across snapshots.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- cpe:2.3:a:le-web:backintime:0.9.26:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:11:*:*:*:*:*:*:*
- Range: = 0.9.26
Patches
Vulnerability mechanics
References
9- bugs.gentoo.org/show_bug.cginvdIssue TrackingPatch
- ftp.debian.org/debian/pool/main/b/backintime/backintime_0.9.26-3.diff.gznvdBroken LinkPatch
- bugs.launchpad.net/ubuntu/+source/backintime/+bug/434256nvdThird Party Advisory
- bugs.debian.org/cgi-bin/bugreport.cginvdMailing List
- marc.infonvdMailing List
- marc.infonvdMailing List
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
- www.redhat.com/archives/fedora-package-announce/2009-September/msg00821.htmlnvdMailing List
- www.redhat.com/archives/fedora-package-announce/2009-September/msg00823.htmlnvdMailing List
News mentions
0No linked articles in our index yet.