The sarab.sh script in SaraB before 0.2.4 places the dar program's encryption key on the command line, which allows local users to obtain sensitive information by listing the process.
Max CVSS
2.1
EPSS Score
0.04%
Published
2008-06-03
Updated
2017-08-08
1 vulnerabilities found