CVE-2007-6418 Information

Description

The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument which might allow local users to read the password by listing the process and its arguments.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448519 http://osvdb.org/44138 http://secunia.com/advisories/29059 http://www.debian.org/security/2008/dsa-1501 http://www.securityfocus.com/bid/27938