Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3856

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2005-3856
Last Modified 05 Sep 2008 04:55:28
Published 27 Nov 2005 03:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2005-3856

Summary

The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites.

Vulnerable Systems

Application

  • Krusader 1.60.0

  • Krusader 1.70.0 Beta1


References

CONFIRM - http://www.krusader.org/phpBB/viewtopic.php?t=1368

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336169

CONFIRM - http://www.krusader.org/phpBB/viewtopic.php?t=1367


Last Updated: 27 May 2016 10:41:04