Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3816

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-3816
Last Modified 07 Mar 2011 09:39:32
Published 25 Jul 2006 09:22:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3816

Summary

Krusader 1.50-beta1 up to 1.70.0 stores passwords for remote connections in cleartext in the bookmark file (krbookmarks.xml), which allows attackers to steal passwords by obtaining the file.

Vulnerable Systems

Application

  • Krusader 1.50 Beta1

  • Krusader 1.60.0

  • Krusader 1.70.0

  • Krusader 1.70.0 Beta1


References

CONFIRM - http://krusader.sourceforge.net/phpBB/viewtopic.php?p=7965

CONFIRM - http://groups.google.com/group/krusader-news/browse_thread/thread/ec719041ed4a1a14

VUPEN - ADV-2006-2992

BID - 19194


Last Updated: 27 May 2016 10:43:08