Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6418

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2007-6418
Last Modified 15 Nov 2008 02:04:36
Published 17 Dec 2007 07:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2007-6418

Summary

The libdspam7-drv-mysql cron job in Debian GNU/Linux includes the MySQL dspam database password in a command line argument, which might allow local users to read the password by listing the process and its arguments.

Vulnerable Systems

Operating System

  • Debian Linux


References

OSVDB - 44138

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=448519

BID - 27938

DEBIAN - DSA-1501

SECUNIA - 29059


Last Updated: 27 May 2016 10:46:30