4 results (0.008 seconds)

CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0

backup-manager-upload in Backup Manager before 0.6.3 provides the FTP server hostname, username, and password as plaintext command line arguments during FTP uploads, which allows local users to obtain sensitive information by listing the process and its arguments, a different vulnerability than CVE-2007-2766. backup-manager-upload de Backup Manager versiones anteriores a 0.6.3 proporciona el nombre de máquina, nombre del usuario y contraseña del servidor FTP, como argumentos de línea de comandos en texto plano durante la promoción FTP, lo cual permite a usuarios locales obtener información confidencial al listar el proceso y sus argumentos, vulnerabilidad distinta de CVE-2007-2766. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=439392 http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=173 http://osvdb.org/37444 http://secunia.com/advisories/26657 http://secunia.com/advisories/29377 http://www.debian.org/security/2008/dsa-1518 http://www.securityfocus.com/bid/25503 http://www.securitytracker.com/id?1018639 http://www2.backup-manager.org/Release063 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-255: Credentials Management Errors CWE-310: Cryptographic Issues •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh. El archivo lib/backup-methods.sh en Backup Manager versiones anteriores a 0.7.6, proporciona la contraseña de MySQL como un argumento de línea de comandos en texto plano, que permite a usuarios locales obtener esta contraseña mediante la enumeración del proceso y sus argumentos, relacionados con el archivo lib/backup-methods.sh . • http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=146 http://osvdb.org/34780 http://www.backup-manager.org/pipermail/backup-manager-commits/2007-January/000212.html http://www.vupen.com/english/advisories/2007/2412 http://www2.backup-manager.org/Release076 https://exchange.xforce.ibmcloud.com/vulnerabilities/34489 • CWE-255: Credentials Management Errors •

CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0

The CD-burning feature in backup-manager 0.5.8 and earlier uses a fixed filename in a world-writable directory for logging, which allows local users to overwrite files via a symlink attack. • http://www.debian.org/security/2005/dsa-787 •

CVSS: 2.1EPSS: 0%CPEs: 15EXPL: 0

Backup Manager (backup-manager) before 0.5.8 creates backup files with world-readable default permissions, which allows local users to obtain sensitive information. • http://secunia.com/advisories/15615 http://securitytracker.com/id?1014124 http://www.debian.org/security/2005/dsa-787 http://www.securityfocus.com/bid/13892 http://www.sukria.net/packages/backup-manager http://www.usenetlinux.com/archive/index.php/t-411815.html •