make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows context-dependent attackers to obtain the password by listing the process and its arguments, or by sniffing the network.
Vulnerable and fixed packages
The table below lists information on source packages.
The information below is based on the following data on fixed versions.
This script needs the default database password and name to be set, which would be a bigger problem in a non-trusted environment. Apart from that, this is documented in the Bacula documentation.
Since bacula 5.0.0 "make_catalog_backup.pl" is used by default, which is not affected.
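To make the exposure described above concrete, here is an added shell example; it is not Bacula's make_catalog_backup or make_catalog_backup.pl and not code from this tracker entry. It builds the vulnerable mysqldump invocation with the password in argv (visible to any local user through ps or /proc/<pid>/cmdline, and to anyone who reads a mail that echoes the command), the hardened form that reads credentials from a mode-0600 MySQL option file instead, and a small check that a given command line does not contain the secret. The database name, user and password are constructed sample values.

```shell
#!/bin/sh
# Added example, not Bacula's script. Constructed sample values; in a real
# deployment these come from the catalog configuration.
DB_NAME="bacula"
DB_USER="bacula"
DB_PASS="constructed-example-secret"

# Vulnerable pattern: the password is an argv element, so every local user can
# read it from the process list, and any mail echoing the command carries it.
insecure_cmdline() {
    printf 'mysqldump -u%s -p%s %s\n' "$DB_USER" "$DB_PASS" "$DB_NAME"
}

# Hardened pattern: write the credentials to a temporary option file that only
# the invoking user can read (mktemp creates 0600; umask 077 is belt and braces)
# and reference the file on the command line instead of the password.
# Prints the path of the option file.
write_option_file() {
    f=$(umask 077 && mktemp "${TMPDIR:-/tmp}/my.cnf.XXXXXX") || return 1
    printf '[client]\nuser=%s\npassword=%s\n' "$DB_USER" "$DB_PASS" > "$f"
    printf '%s\n' "$f"
}

# --defaults-extra-file must be the first option for the MySQL client tools.
secure_cmdline() {
    printf 'mysqldump --defaults-extra-file=%s %s\n' "$1" "$DB_NAME"
}

# Check: does a command line contain the secret? Returns 0 (true) if it leaks.
# Useful against the output of `ps -eo args` when auditing a running system.
cmdline_leaks_secret() {
    case "$1" in
        *"$2"*) return 0 ;;
        *)      return 1 ;;
    esac
}

# Demonstration when run directly: show both forms and clean up the option file.
optfile=$(write_option_file)
printf 'insecure: %s' "$(insecure_cmdline)"; printf '\n'
printf 'secure:   %s' "$(secure_cmdline "$optfile")"; printf '\n'
rm -f "$optfile"
```

The hardened form still requires protecting the option file itself (the 0600 mode does that for other local users), and it does nothing about the separate network-sniffing vector in the description, which is a transport-security question for the mail and database connections.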