Package: bacula-common Severity: important Tags: security This exists in all versions in Debian.
A default password -- the empty password -- is used in all the Bacula configs. This is predictable by anyone with access to ftp.debian.org and thus represents a serious security risk. See /usr/share/bacula-common/defconfig for all these examples. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.13.3 Locale: LANG=C, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages bacula-common depends on: ii adduser 3.87 Add and remove users and groups ii debconf [debconf-2.0] 1.5.0 Debian configuration management sy bacula-common recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
