Описание
The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | |
| devel | released | 0.4.3-2 |
| edgy | not-affected | |
| feisty | not-affected | |
| gutsy | released | 0.4.3-2 |
| upstream | needs-triage |
Показывать по
10
Ссылки на источники
4.6 Medium
CVSS2
Связанные уязвимости
nvd
больше 18 лет назад
The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments.
debian
больше 18 лет назад
The FTP backend for Duplicity before 0.4.9 sends the password as a com ...
github
почти 4 года назад
FTP backend for Duplicity Discloses Passwords to Process Listing
4.6 Medium
CVSS2