CVE-2008-2517

The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command line, which allows local users to obtain sensitive information by listing the process.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sarab:sarab:*:*:*:*:*:*:*:*
cpe:2.3:a:sarab:sarab:0.2.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2008-06-03 14:32

Updated : 2024-02-28 11:21


NVD link : CVE-2008-2517

Mitre link : CVE-2008-2517

CVE.ORG link : CVE-2008-2517


JSON object : View

Products Affected

sarab

  • sarab
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor