[backup-manager] [CVE-2007-4656] information disclosure
Bug #203454 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
backup-manager (Debian) |
Fix Released
|
Unknown
|
|||
backup-manager (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: backup-manager
References:
DSA-1518-1 (http://
Quoting:
"Micha Lenk discovered that backup-manager, a command-line backup tool,
sends the password as a command line argument when calling a FTP client,
which may allow a local attacker to read this password (which provides
access to all backed-up files) from the process listing."
CVE References
Changed in backup-manager: | |
status: | Unknown → Fix Released |
Changed in backup-manager: | |
status: | New → Fix Released |
To post a comment you must log in.