CVE-2008-2517

The sarab.sh script in SaraB before 0.2.4 places the dar program’s encryption key on the command line, which allows local users to obtain sensitive information by listing the process.

Date published : 2008-06-03

http://www.securityfocus.com/bid/29364

http://sarab.svn.sourceforge.net/viewvc/sarab/sarab/sarab.sh?r1=34&r2=36