The doHotCopy subroutine in socket-server.pl in Zmanda Recovery Manager (ZRM) for MySQL 2.x prior to 2.1.1 allows remote malicious users to execute arbitrary commands via vectors involving a crafted $MYSQL_BINPATH variable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zmanda zrm for my sql 2.1 |