The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites.
References
Link | Resource |
---|---|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336169 | Patch Vendor Advisory |
http://www.krusader.org/phpBB/viewtopic.php?t=1367 | Vendor Advisory |
http://www.krusader.org/phpBB/viewtopic.php?t=1368 | Patch |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2005-11-27 20:03
Updated : 2024-02-04 16:52
NVD link : CVE-2005-3856
Mitre link : CVE-2005-3856
CVE.ORG link : CVE-2005-3856
JSON object : View
Products Affected
krusader
- krusader
CWE