CVE-2007-4656 Information

Description

backup-manager-upload in Backup Manager before 0.6.3 provides the FTP server hostname username and password as plaintext command line arguments during FTP uploads which allows local users to obtain sensitive information by listing the process and its arguments a different vulnerability than CVE-2007-2766.

Reference

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439392 http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=173 http://osvdb.org/37444 http://secunia.com/advisories/26657 http://secunia.com/advisories/29377 http://www.debian.org/security/2008/dsa-1518 http://www.securityfocus.com/bid/25503 http://www.securitytracker.com/id?1018639 http://www2.backup-manager.org/Release063