CVE-2007-2766 Information

Description

lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument which allows local users to obtain this password by listing the process and its arguments related to lib/backup-methods.sh.

Reference

http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=146 http://osvdb.org/34780 http://www.backup-manager.org/pipermail/backup-manager-commits/2007-January/000212.html http://www.vupen.com/english/advisories/2007/2412 http://www2.backup-manager.org/Release076 https://exchange.xforce.ibmcloud.com/vulnerabilities/34489