ID OSVDB:34780
Type osvdb
Reporter OSVDB
Modified 2007-05-10T14:59:41
Description
Solution Description
Upgrade to version 0.7.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
References:
Vendor URL: http://www.backup-manager.org/
Vendor Specific News/Changelog Entry: http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=146
Vendor Specific News/Changelog Entry: http://www2.backup-manager.org/Release076
ISS X-Force ID: 34489
FrSIRT Advisory: ADV-2007-2412
CVE-2007-2766
{"bulletinFamily": "software", "viewCount": 0, "reporter": "OSVDB", "references": [], "description": "## Solution Description\nUpgrade to version 0.7.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## References:\nVendor URL: http://www.backup-manager.org/\nVendor Specific News/Changelog Entry: http://bugzilla.backup-manager.org/cgi-bin/show_bug.cgi?id=146\nVendor Specific News/Changelog Entry: http://www2.backup-manager.org/Release076\nISS X-Force ID: 34489\nFrSIRT Advisory: ADV-2007-2412\n[CVE-2007-2766](https://vulners.com/cve/CVE-2007-2766)\n", "affectedSoftware": [], "href": "https://vulners.com/osvdb/OSVDB:34780", "modified": "2007-05-10T14:59:41", "enchantments": {"score": {"value": 6.3, "vector": "NONE", "modified": "2017-04-28T13:20:31", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-2766"]}], "modified": "2017-04-28T13:20:31", "rev": 2}, "vulnersScore": 6.3}, "id": "OSVDB:34780", "title": "Backup Manager Command Line Cleartext MySQL Password Disclosure", "edition": 1, "published": "2007-05-10T14:59:41", "type": "osvdb", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvelist": ["CVE-2007-2766"], "lastseen": "2017-04-28T13:20:31"}
{"cve": [{"lastseen": "2021-02-02T05:31:24", "description": "lib/backup-methods.sh in Backup Manager before 0.7.6 provides the MySQL password as a plaintext command line argument, which allows local users to obtain this password by listing the process and its arguments, related to lib/backup-methods.sh.", "edition": 6, "cvss3": {}, "published": "2007-05-18T22:30:00", "title": "CVE-2007-2766", "type": "cve", "cwe": ["CWE-255"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2007-2766"], "modified": "2017-07-29T01:31:00", "cpe": ["cpe:/a:backup_manager:backup_manager:0.7.5"], "id": "CVE-2007-2766", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-2766", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:backup_manager:backup_manager:0.7.5:*:*:*:*:*:*:*"]}]}
