CVE-2007-5201

NONECVSS 0.0

0.0

The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments.

🔗 References (16)

cve@mitrehttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442840
cve@mitrehttp://duplicity.nongnu.org/CHANGELOG
cve@mitrehttp://osvdb.org/42339
cve@mitrehttp://secunia.com/advisories/28917
cve@mitrehttp://www.securityfocus.com/bid/27771
cve@mitrehttps://bugzilla.redhat.com/show_bug.cgi?id=293081
cve@mitrehttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00356.html
cve@mitrehttps://www.redhat.com/archives/fedora-package-announce/2008-February/msg00445.html
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442840
af854a3a-2127-422b-91ae-364da2661108http://duplicity.nongnu.org/CHANGELOG
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/42339
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/28917
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/27771
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=293081
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00356.html

Is Your Infrastructure Affected by CVE-2007-5201?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2007-5201

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2007-5201?