CVE-2007-5201

Published: Oct 4, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442840

x_refsource_CONFIRM

27771

vdb-entry

x_refsource_BID

FEDORA-2008-1521

vendor-advisory

x_refsource_FEDORA

https://bugzilla.redhat.com/show_bug.cgi?id=293081

x_refsource_CONFIRM

28917

third-party-advisory

x_refsource_SECUNIA

http://duplicity.nongnu.org/CHANGELOG

x_refsource_CONFIRM

42339

vdb-entry

x_refsource_OSVDB

FEDORA-2008-1584

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-5201

Description

Affected Products

References