make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network.
The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
| Link | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/37336 | third party advisory vdb entry |
| http://security.gentoo.org/glsa/glsa-200807-10.xml | third party advisory vendor advisory |
| http://bugs.bacula.org/view.php?id=990 | vendor advisory permissions required |
| http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446809 | mailing list third party advisory issue tracking |
| http://www.vupen.com/english/advisories/2007/3572 | broken link third party advisory vdb entry permissions required |
| http://secunia.com/advisories/27243 | third party advisory broken link |
| http://osvdb.org/41861 | vdb entry broken link |
| http://www.securityfocus.com/bid/26156 | broken link third party advisory vdb entry |
| http://secunia.com/advisories/31184 | third party advisory broken link |