The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x before 2.1.1 allows remote attackers to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
References
Configurations
Information
Published : 2009-09-08 11:30
Updated : 2017-08-16 18:31
NVD link : CVE-2009-3102
Mitre link : CVE-2009-3102
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
zmanda
- zrm_for_my_sql