Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4656

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2007-4656
Last Modified 28 Aug 2013 01:37:54
Published 04 Sep 2007 06:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-4656

Summary

backup-manager-upload in Backup Manager before 0.6.3 provides the FTP server hostname, username, and password as plaintext command line arguments during FTP uploads, which allows local users to obtain sensitive information by listing the process and its arguments, a different vulnerability than CVE-2007-2766.

Vulnerable Systems

Application

  • Backup Manager 0.6.2


References

CONFIRM - http://www2.backup-manager.org/Release063

SECUNIA - 26657

OSVDB - 37444

CONFIRM - http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=173

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439392

SECTRACK - 1018639

BID - 25503

DEBIAN - DSA-1518

SECUNIA - 29377


Last Updated: 27 May 2016 10:45:56