Vulnerability Description
lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Backup Manager | Backup Manager | <= 0.7.5 |
Related Weaknesses (CWE)
References
- http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=146
- http://osvdb.org/34780
- http://www.backup-manager.org/pipermail/backup-manager-commits/2007-January/0002
- http://www.vupen.com/english/advisories/2007/2412
- http://www2.backup-manager.org/Release076Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34489
- http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=146
- http://osvdb.org/34780
- http://www.backup-manager.org/pipermail/backup-manager-commits/2007-January/0002
- http://www.vupen.com/english/advisories/2007/2412
- http://www2.backup-manager.org/Release076Patch
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34489
FAQ
What is CVE-2007-2766?
CVE-2007-2766 is a vulnerability with a CVSS score of 7.2 (HIGH). lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its a...
How severe is CVE-2007-2766?
CVE-2007-2766 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2766?
Check the references section above for vendor advisories and patch information. Affected products include: Backup Manager Backup Manager.