CVE-2007-2766

NameCVE-2007-2766
Descriptionlib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
backup-manager (PTS)jessie0.7.10.1-2fixed
stretch0.7.12-4fixed
buster0.7.14-1+deb10u1fixed
bullseye0.7.14-1.2fixed
sid, trixie, bookworm0.7.14-1.3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
backup-managersourceetch0.7.5-5
backup-managersource(unstable)0.7.6-1low

Notes

[sarge] - backup-manager <no-dsa> (Minor issue)

Search for package or bug name: Reporting problems