CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4656
https://notcve.org/view.php?id=CVE-2007-4656
backup-manager-upload in Backup Manager before 0.6.3 provides the FTP server hostname, username, and password as plaintext command line arguments during FTP uploads, which allows local users to obtain sensitive information by listing the process and its arguments, a different vulnerability than CVE-2007-2766. backup-manager-upload de Backup Manager versiones anteriores a 0.6.3 proporciona el nombre de máquina, nombre del usuario y contraseña del servidor FTP, como argumentos de línea de comandos en texto plano durante la promoción FTP, lo cual permite a usuarios locales obtener información confidencial al listar el proceso y sus argumentos, vulnerabilidad distinta de CVE-2007-2766. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439392 http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=173 http://osvdb.org/37444 http://secunia.com/advisories/26657 http://secunia.com/advisories/29377 http://www.debian.org/security/2008/dsa-1518 http://www.securityfocus.com/bid/25503 http://www.securitytracker.com/id?1018639 http://www2.backup-manager.org/Release063 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-255: Credentials Management Errors CWE-310: Cryptographic Issues •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2007-2766
https://notcve.org/view.php?id=CVE-2007-2766
lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh. El archivo lib/backup-methods.sh en Backup Manager versiones anteriores a 0.7.6, proporciona la contraseña de MySQL como un argumento de línea de comandos en texto plano, que permite a usuarios locales obtener esta contraseña mediante la enumeración del proceso y sus argumentos, relacionados con el archivo lib/backup-methods.sh . • http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=146 http://osvdb.org/34780 http://www.backup-manager.org/pipermail/backup-manager-commits/2007-January/000212.html http://www.vupen.com/english/advisories/2007/2412 http://www2.backup-manager.org/Release076 https://exchange.xforce.ibmcloud.com/vulnerabilities/34489 • CWE-255: Credentials Management Errors •
CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2005-1856
https://notcve.org/view.php?id=CVE-2005-1856
The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack. • http://www.debian.org/security/2005/dsa-787 •
CVSS: 2.1EPSS: 0%CPEs: 15EXPL: 0CVE-2005-1855
https://notcve.org/view.php?id=CVE-2005-1855
Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information. • http://secunia.com/advisories/15615 http://securitytracker.com/id?1014124 http://www.debian.org/security/2005/dsa-787 http://www.securityfocus.com/bid/13892 http://www.sukria.net/packages/backup-manager http://www.usenetlinux.com/archive/index.php/t-411815.html •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2211
https://notcve.org/view.php?id=CVE-2005-2211
Backup Manager 0.5.8a creates temporary files insecurely, which allows local users to conduct unauthorized file operations when a user is burning a CDR. • http://secunia.com/advisories/15989 http://www.sukria.net/packages/backup-manager •