ID 4593CB09-4C81-11D9-983E-000C6E8F12EF Type freebsd Reporter FreeBSD Modified 2005-01-13T00:00:00
Description
When browsing SMB shares with Konqueror, shares with
authentication show up with hidden password in the browser
bar. It is possible to store the URL as a shortcut on the
desktop where the password is then available in plain text.
{"id": "4593CB09-4C81-11D9-983E-000C6E8F12EF", "bulletinFamily": "unix", "title": "konqueror -- Password Disclosure for SMB Shares", "description": "\nWhen browsing SMB shares with Konqueror, shares with\n\t authentication show up with hidden password in the browser\n\t bar.\tIt is possible to store the URL as a shortcut on the\n\t desktop where the password is then available in plain text.\n", "published": "2004-10-06T00:00:00", "modified": "2005-01-13T00:00:00", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://vuxml.freebsd.org/freebsd/4593cb09-4c81-11d9-983e-000c6e8f12ef.html", "reporter": "FreeBSD", "references": ["http://marc.theaimsgroup.com/?l=bugtraq&m=110178786809694", "http://www.kde.org/info/security/advisory-20041209-1.txt"], "cvelist": ["CVE-2004-1171"], "type": "freebsd", "lastseen": "2018-08-31T01:16:06", "history": [{"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "le", "packageFilename": "UNKNOWN", "packageName": "kdelibs", "packageVersion": "3.3.1"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "kdebase", "packageVersion": "3.2.0"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "le", "packageFilename": "UNKNOWN", "packageName": "kdebase", "packageVersion": "3.3.1"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "kdelibs", "packageVersion": "3.2.0"}], "bulletinFamily": "unix", "cvelist": ["CVE-2004-1171"], "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "description": "\nWhen browsing SMB shares with Konqueror, shares with\n\t authentication show up with hidden password in the browser\n\t bar.\tIt is possible to store the URL as a shortcut on the\n\t desktop where the password is then available in plain text.\n", "edition": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "c4a318dc4329c93256ea682b5f35ff443f7f91df02e63d5ee1beebae3deadcef", "hashmap": [{"hash": "6e80602011476ff0254700e5c66f153b", "key": "description"}, {"hash": "635d7f080910dc81e99c0ca9b0d4203f", "key": "cvss"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "8e156ff7a31e71053099d14ebf49cb0a", "key": "modified"}, {"hash": "9fe02bb7e219977934807ac0da0e2c2a", "key": "references"}, {"hash": "b1b883cc81b9e692ad8257b57f50dd7e", "key": "published"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "60993c10d1f4b70b702dde6d4aeacfe4", "key": "title"}, {"hash": "b1af0b7b541a3ec6401ae803d2bdaaaa", "key": "href"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "e7b18dd58eb0f36bceb58d8df6c9be86", "key": "affectedPackage"}, {"hash": "48cdf43b0cbc8d9c63f64b073d8d8396", "key": "cvelist"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/4593cb09-4c81-11d9-983e-000c6e8f12ef.html", "id": "4593CB09-4C81-11D9-983E-000C6E8F12EF", "lastseen": "2016-09-26T17:25:18", "modified": "2005-01-13T00:00:00", "objectVersion": "1.2", "published": "2004-10-06T00:00:00", "references": ["http://marc.theaimsgroup.com/?l=bugtraq&m=110178786809694", "http://www.kde.org/info/security/advisory-20041209-1.txt"], "reporter": "FreeBSD", "title": "konqueror -- Password Disclosure for SMB Shares", "type": "freebsd", "viewCount": 1}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2016-09-26T17:25:18"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "le", "packageFilename": "UNKNOWN", "packageName": "kdelibs", "packageVersion": "3.3.1"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "kdebase", "packageVersion": "3.2.0"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "le", "packageFilename": "UNKNOWN", "packageName": "kdebase", "packageVersion": "3.3.1"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "kdelibs", "packageVersion": "3.2.0"}], "bulletinFamily": "unix", "cvelist": ["CVE-2004-1171"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "\nWhen browsing SMB shares with Konqueror, shares with\n\t authentication show up with hidden password in the browser\n\t bar.\tIt is possible to store the URL as a shortcut on the\n\t desktop where the password is then available in plain text.\n", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "dce540364dac6275b5de0a4ae941f03e9f29ca2c75bc6853e5394b800476e6e0", "hashmap": [{"hash": "6e80602011476ff0254700e5c66f153b", "key": "description"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "8e156ff7a31e71053099d14ebf49cb0a", "key": "modified"}, {"hash": "9fe02bb7e219977934807ac0da0e2c2a", "key": "references"}, {"hash": "b1b883cc81b9e692ad8257b57f50dd7e", "key": "published"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "60993c10d1f4b70b702dde6d4aeacfe4", "key": "title"}, {"hash": "b1af0b7b541a3ec6401ae803d2bdaaaa", "key": "href"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "e7b18dd58eb0f36bceb58d8df6c9be86", "key": "affectedPackage"}, {"hash": "48cdf43b0cbc8d9c63f64b073d8d8396", "key": "cvelist"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/4593cb09-4c81-11d9-983e-000c6e8f12ef.html", "id": "4593CB09-4C81-11D9-983E-000C6E8F12EF", "lastseen": "2018-08-30T19:16:28", "modified": "2005-01-13T00:00:00", "objectVersion": "1.3", "published": "2004-10-06T00:00:00", "references": ["http://marc.theaimsgroup.com/?l=bugtraq&m=110178786809694", "http://www.kde.org/info/security/advisory-20041209-1.txt"], "reporter": "FreeBSD", "title": "konqueror -- Password Disclosure for SMB Shares", "type": "freebsd", "viewCount": 1}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2018-08-30T19:16:28"}], "edition": 3, "hashmap": [{"key": "affectedPackage", "hash": "e7b18dd58eb0f36bceb58d8df6c9be86"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "48cdf43b0cbc8d9c63f64b073d8d8396"}, {"key": "cvss", "hash": "635d7f080910dc81e99c0ca9b0d4203f"}, {"key": "description", "hash": "6e80602011476ff0254700e5c66f153b"}, {"key": "href", "hash": "b1af0b7b541a3ec6401ae803d2bdaaaa"}, {"key": "modified", "hash": "8e156ff7a31e71053099d14ebf49cb0a"}, {"key": "published", "hash": "b1b883cc81b9e692ad8257b57f50dd7e"}, {"key": "references", "hash": "9fe02bb7e219977934807ac0da0e2c2a"}, {"key": "reporter", "hash": "a3dc630729e463135f4e608954fa6e19"}, {"key": "title", "hash": "60993c10d1f4b70b702dde6d4aeacfe4"}, {"key": "type", "hash": "1527e888767cdce15d200b870b39cfd0"}], "hash": "c4a318dc4329c93256ea682b5f35ff443f7f91df02e63d5ee1beebae3deadcef", "viewCount": 1, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "le", "packageFilename": "UNKNOWN", "packageName": "kdelibs", "packageVersion": "3.3.1"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "kdebase", "packageVersion": "3.2.0"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "le", "packageFilename": "UNKNOWN", "packageName": "kdebase", "packageVersion": "3.3.1"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "kdelibs", "packageVersion": "3.2.0"}]}
{"cve": [{"lastseen": "2017-07-11T11:14:31", "references": ["http://www.securityfocus.com/bid/11866", "http://www.mandriva.com/security/advisories?name=MDKSA-2004:150", "http://marc.info/?l=bugtraq&m=110178786809694&w=2", "http://www.ciac.org/ciac/bulletins/p-051.shtml", "http://securitytracker.com/id?1012471", "https://exchange.xforce.ibmcloud.com/vulnerabilities/18267", "http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html", "http://www.kde.org/info/security/advisory-20041209-1.txt", "http://www.kb.cert.org/vuls/id/305294", "http://marc.info/?l=bugtraq&m=110261063201488&w=2", "http://www.sec-consult.com/index.php?id=118", "http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml"], "description": "KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares.", "edition": 3, "reporter": "NVD", "published": "2005-01-10T00:00:00", "title": "CVE-2004-1171", "type": "cve", "enchantments": {"score": {"modified": "2017-07-11T11:14:31", "vector": "NONE", "value": 2.1}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2004-1171"], "scanner": [], "modified": "2017-07-10T21:30:48", "cpe": ["cpe:/o:kde:kde:3.2.2", "cpe:/o:kde:kde:3.3.2", "cpe:/o:kde:kde:3.3", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "cpe:/o:kde:kde:3.2", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "cpe:/o:redhat:fedora_core:core_2.0", "cpe:/o:kde:kde:3.3.1", "cpe:/o:kde:kde:3.2.3", "cpe:/o:mandrakesoft:mandrake_linux:10.1::x86_64", "cpe:/o:redhat:fedora_core:core_3.0", "cpe:/o:kde:kde:3.2.1", "cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64"], "id": "CVE-2004-1171", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1171", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openvas": [{"lastseen": "2017-07-02T21:10:15", "references": [], "pluginID": "52278", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "edition": 1, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-04T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "title": "FreeBSD Ports: kdebase, kdelibs", "type": "openvas", "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1171"], "modified": "2016-09-21T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=52278", "id": "OPENVAS:52278", "sourceData": "#\n#VID 4593cb09-4c81-11d9-983e-000c6e8f12ef\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n kdebase\n kdelibs\n\nCVE-2004-1171\nKDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are\n(1) manually entered by the user or (2) created by the SMB protocol\nhandler, stores those credentials for plaintext in the user's .desktop\nfile, which may be created with world-readable permissions, which\ncould allow local users to obtain usernames and passwords for remote\nresources such as SMB shares.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.kde.org/info/security/advisory-20041209-1.txt\nhttp://marc.theaimsgroup.com/?l=bugtraq&m=110178786809694\nhttp://www.vuxml.org/freebsd/4593cb09-4c81-11d9-983e-000c6e8f12ef.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52278);\n script_version(\"$Revision: 4125 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-21 07:39:51 +0200 (Wed, 21 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(11866);\n script_cve_id(\"CVE-2004-1171\");\n script_tag(name:\"cvss_base\", value:\"2.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"FreeBSD Ports: kdebase, kdelibs\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"kdebase\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.2.0\")>=0 && revcomp(a:bver, b:\"3.3.1\")<=0) {\n txt += 'Package kdebase version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"kdelibs\");\nif(!isnull(bver) && revcomp(a:bver, b:\"3.2.0\")>=0 && revcomp(a:bver, b:\"3.3.1\")<=0) {\n txt += 'Package kdelibs version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:49:45", "references": [], "pluginID": "54775", "description": "The remote host is missing updates announced in\nadvisory GLSA 200412-16.", "edition": 2, "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "published": "2008-09-24T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Gentoo Security Advisory GLSA 200412-16 (KDE)", "type": "openvas", "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1158", "CVE-2004-1171"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=54775", "id": "OPENVAS:54775", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"kdelibs and kdebase contain a flaw allowing password disclosure when\ncreating a link to a remote file. Furthermore Konqueror is vulnerable to\nwindow injection.\";\ntag_solution = \"All kdelibs users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kdelibs-3.2.3-r4'\n\nAll kdebase users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kdebase-3.2.3-r3'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200412-16\nhttp://bugs.gentoo.org/show_bug.cgi?id=72804\nhttp://bugs.gentoo.org/show_bug.cgi?id=73869\nhttp://www.kde.org/info/security/advisory-20041209-1.txt\nhttp://www.kde.org/info/security/advisory-20041213-1.txt\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200412-16.\";\n\n \n\nif(description)\n{\n script_id(54775);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2004-1171\", \"CVE-2004-1158\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200412-16 (KDE)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"kde-base/kdelibs\", unaffected: make_list(\"rge 3.2.3-r4\", \"rge 3.3.1-r2\", \"ge 3.3.2-r1\"), vulnerable: make_list(\"lt 3.3.2-r1\"))) != NULL) {\n report += res;\n}\nif ((res = ispkgvuln(pkg:\"kde-base/kdebase\", unaffected: make_list(\"rge 3.2.3-r3\", \"rge 3.3.1-r2\"), vulnerable: make_list(\"lt 3.3.2-r1\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:07", "references": [], "edition": 1, "description": "# No description provided by the source\n\n## References:\nVendor URL: http://www.kde.org/\n[Vendor Specific Advisory URL](http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:150)\n[Vendor Specific Advisory URL](http://www.kde.org/info/security/advisory-20041209-1.txt)\nSecurity Tracker: 1012471\n[Secunia Advisory ID:13477](https://secuniaresearch.flexerasoftware.com/advisories/13477/)\n[Secunia Advisory ID:13486](https://secuniaresearch.flexerasoftware.com/advisories/13486/)\n[Secunia Advisory ID:13560](https://secuniaresearch.flexerasoftware.com/advisories/13560/)\nOther Advisory URL: http://www.securiteam.com/unixfocus/6P0050AC0A.html\nOther Advisory URL: http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-12/0099.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-12/0050.html\nMail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html\n[CVE-2004-1171](https://vulners.com/cve/CVE-2004-1171)\n", "reporter": "OSVDB", "published": "2004-11-29T19:47:35", "type": "osvdb", "title": "KDE Konqueror Shortcut SMB Share Password Disclosure", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2004-1171"], "modified": "2004-11-29T19:47:35", "href": "https://vulners.com/osvdb/OSVDB:12248", "id": "OSVDB:12248", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "nessus": [{"lastseen": "2018-09-01T23:55:43", "references": ["http://www.kde.org/info/security/advisory-20041209-1.txt", "http://www.nessus.org/u?d1b612ac", "http://marc.info/?l=bugtraq&m=110178786809694"], "pluginID": "18921", "description": "When browsing SMB shares with Konqueror, shares with authentication show up with hidden password in the browser bar. It is possible to store the URL as a shortcut on the desktop where the password is then available in plain text.", "edition": 4, "reporter": "Tenable", "published": "2005-07-13T00:00:00", "title": "FreeBSD : konqueror -- Password Disclosure for SMB Shares (4593cb09-4c81-11d9-983e-000c6e8f12ef)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "FreeBSD Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1171"], "modified": "2013-06-21T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:kdebase", "p-cpe:/a:freebsd:freebsd:kdelibs"], "id": "FREEBSD_PKG_4593CB094C8111D9983E000C6E8F12EF.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=18921", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2013 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(18921);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2013/06/21 23:52:43 $\");\n\n script_cve_id(\"CVE-2004-1171\");\n script_xref(name:\"CERT\", value:\"305294\");\n\n script_name(english:\"FreeBSD : konqueror -- Password Disclosure for SMB Shares (4593cb09-4c81-11d9-983e-000c6e8f12ef)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When browsing SMB shares with Konqueror, shares with authentication\nshow up with hidden password in the browser bar. It is possible to\nstore the URL as a shortcut on the desktop where the password is then\navailable in plain text.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.kde.org/info/security/advisory-20041209-1.txt\"\n );\n # http://marc.theaimsgroup.com/?l=bugtraq&m=110178786809694\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://marc.info/?l=bugtraq&m=110178786809694\"\n );\n # http://www.freebsd.org/ports/portaudit/4593cb09-4c81-11d9-983e-000c6e8f12ef.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d1b612ac\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:kdebase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2005/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"kdebase>=3.2.0<=3.3.1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"kdelibs>=3.2.0<=3.3.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-09-01T23:32:52", "references": ["http://www.kde.org/info/security/advisory-20041213-1.txt", "https://security.gentoo.org/glsa/200412-16", "http://www.kde.org/info/security/advisory-20041209-1.txt"], "pluginID": "16003", "description": "The remote host is affected by the vulnerability described in GLSA-200412-16 (kdelibs, kdebase: Multiple vulnerabilities)\n\n Daniel Fabian discovered that the KDE core libraries contain a flaw allowing password disclosure by making a link to a remote file.\n When creating this link, the resulting URL contains authentication credentials used to access the remote file (CAN 2004-1171).\n The Konqueror webbrowser allows websites to load webpages into a window or tab currently used by another website (CAN-2004-1158).\n Impact :\n\n A malicious user could have access to the authentication credentials of other users depending on the file permissions.\n A malicious website could use the window injection vulnerability to load content in a window apparently belonging to another website.\n Workaround :\n\n There is no known workaround at this time.", "edition": 5, "reporter": "Tenable", "published": "2004-12-19T00:00:00", "title": "GLSA-200412-16 : kdelibs, kdebase: Multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1158", "CVE-2004-1171"], "modified": "2018-08-10T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:kdelibs", "p-cpe:/a:gentoo:linux:kdebase", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200412-16.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=16003", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200412-16.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(16003);\n script_version(\"1.15\");\n script_cvs_date(\"Date: 2018/08/10 18:07:05\");\n\n script_cve_id(\"CVE-2004-1158\", \"CVE-2004-1171\");\n script_xref(name:\"GLSA\", value:\"200412-16\");\n\n script_name(english:\"GLSA-200412-16 : kdelibs, kdebase: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200412-16\n(kdelibs, kdebase: Multiple vulnerabilities)\n\n Daniel Fabian discovered that the KDE core libraries contain a\n flaw allowing password disclosure by making a link to a remote file.\n When creating this link, the resulting URL contains authentication\n credentials used to access the remote file (CAN 2004-1171).\n The Konqueror webbrowser allows websites to load webpages into a window\n or tab currently used by another website (CAN-2004-1158).\n \nImpact :\n\n A malicious user could have access to the authentication\n credentials of other users depending on the file permissions.\n A malicious website could use the window injection vulnerability to\n load content in a window apparently belonging to another website.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.kde.org/info/security/advisory-20041209-1.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.kde.org/info/security/advisory-20041213-1.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200412-16\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All kdelibs users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kdelibs-3.2.3-r4'\n All kdebase users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=kde-base/kdebase-3.2.3-r3'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:kdebase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/12/19\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/11/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"kde-base/kdebase\", unaffected:make_list(\"rge 3.2.3-r3\", \"rge 3.3.1-r2\"), vulnerable:make_list(\"lt 3.3.2-r1\"))) flag++;\nif (qpkg_check(package:\"kde-base/kdelibs\", unaffected:make_list(\"rge 3.2.3-r4\", \"rge 3.3.1-r2\", \"ge 3.3.2-r1\"), vulnerable:make_list(\"lt 3.3.2-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs / kdebase\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:01:40", "references": ["http://www.kde.org/info/security/advisory-20041209-1.txt", "http://www.kde.org/info/security/advisory-20040811-3.txt"], "pluginID": "15981", "description": "Daniel Fabian discovered a potential privacy issue in KDE. When creating a link to a remote file from various applications, including Konqueror, the resulting URL may contain the authentication credentials used to access that remote resource. This includes, but is not limited to, browsing SMB (Samba) shares. Upon further investigation, it was found that the SMB protocol handler also unnecessarily exposed authentication credentials (CVE-2004-1171).\n\nAnother vulnerability was discovered where a malicious website could abuse Konqueror to load its own content into a window or tab that was opened by a trusted website, or it could trick a trusted website into loading content into an existing window or tab. This could lead to the user being confused as to the origin of a particular webpage and could have the user unknowingly send confidential information intended for a trusted site to the malicious site (CVE-2004-1158).\n\nThe updated packages contain a patch from the KDE team to solve this issue.\n\nAdditionally, the kdelibs and kdebase packages for Mandrakelinux 10.1 contain numerous bugfixes. New qt3 packages are being provided for Mandrakelinux 10.0 that are required to build the kdebase package.", "edition": 5, "reporter": "Tenable", "published": "2004-12-15T00:00:00", "title": "Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:150)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Mandriva Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-1158", "CVE-2004-1171", "CVE-2004-0721"], "modified": "2018-07-19T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libkdebase4-kmenuedit", "p-cpe:/a:mandriva:linux:lib64kdecore4-devel", "p-cpe:/a:mandriva:linux:libkdebase4", "p-cpe:/a:mandriva:linux:kdebase-kmenuedit", "p-cpe:/a:mandriva:linux:lib64kdebase4-kmenuedit", "p-cpe:/a:mandriva:linux:kdebase-kdm-config-file", "p-cpe:/a:mandriva:linux:kdelibs-common", "p-cpe:/a:mandriva:linux:libqt3-psql", "p-cpe:/a:mandriva:linux:libkdebase4-konsole", "cpe:/o:mandrakesoft:mandrake_linux:10.1", "p-cpe:/a:mandriva:linux:libqt3-odbc", "p-cpe:/a:mandriva:linux:lib64qt3-psql", "p-cpe:/a:mandriva:linux:lib64kdebase4", "p-cpe:/a:mandriva:linux:libkdebase4-nsplugins-devel", "cpe:/o:mandrakesoft:mandrake_linux:10.0", "p-cpe:/a:mandriva:linux:lib64kdebase4-nsplugins-devel", "p-cpe:/a:mandriva:linux:lib64kdebase4-nsplugins", "p-cpe:/a:mandriva:linux:mandrakelinux-kde-config-file", "p-cpe:/a:mandriva:linux:libqt3-devel", "p-cpe:/a:mandriva:linux:libkdebase4-kate-devel", "p-cpe:/a:mandriva:linux:libqt3-mysql", "p-cpe:/a:mandriva:linux:lib64kdebase4-konsole", "p-cpe:/a:mandriva:linux:libqt3", "p-cpe:/a:mandriva:linux:lib64kdebase4-devel", "p-cpe:/a:mandriva:linux:kdebase-kdm", "p-cpe:/a:mandriva:linux:kdebase", "p-cpe:/a:mandriva:linux:lib64qt3-mysql", "p-cpe:/a:mandriva:linux:kdebase-konsole", "p-cpe:/a:mandriva:linux:kdebase-kcontrol-data", "p-cpe:/a:mandriva:linux:lib64qt3-odbc", "p-cpe:/a:mandriva:linux:qt3-example", "p-cpe:/a:mandriva:linux:lib64kdebase4-kate-devel", "p-cpe:/a:mandriva:linux:kdebase-nsplugins", "p-cpe:/a:mandriva:linux:libkdebase4-nsplugins", "p-cpe:/a:mandriva:linux:kdebase-progs", "p-cpe:/a:mandriva:linux:kdebase-common", "p-cpe:/a:mandriva:linux:libkdecore4-devel", "p-cpe:/a:mandriva:linux:qt3-common", "p-cpe:/a:mandriva:linux:kdebase-kate", "p-cpe:/a:mandriva:linux:libkdebase4-kate", "p-cpe:/a:mandriva:linux:lib64qt3", "p-cpe:/a:mandriva:linux:lib64kdecore4", "p-cpe:/a:mandriva:linux:lib64kdebase4-kate", "p-cpe:/a:mandriva:linux:libkdebase4-devel", "p-cpe:/a:mandriva:linux:libkdecore4", "p-cpe:/a:mandriva:linux:kdebase-kdeprintfax", "p-cpe:/a:mandriva:linux:lib64qt3-devel", "p-cpe:/a:mandriva:linux:kdebase-kcontrol-nsplugins"], "id": "MANDRAKE_MDKSA-2004-150.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=15981", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:150. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(15981);\n script_version (\"1.16\");\n script_cvs_date(\"Date: 2018/07/19 20:59:13\");\n\n script_cve_id(\"CVE-2004-0721\", \"CVE-2004-1158\", \"CVE-2004-1171\");\n script_xref(name:\"MDKSA\", value:\"2004:150\");\n\n script_name(english:\"Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:150)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Daniel Fabian discovered a potential privacy issue in KDE. When\ncreating a link to a remote file from various applications, including\nKonqueror, the resulting URL may contain the authentication\ncredentials used to access that remote resource. This includes, but is\nnot limited to, browsing SMB (Samba) shares. Upon further\ninvestigation, it was found that the SMB protocol handler also\nunnecessarily exposed authentication credentials (CVE-2004-1171).\n\nAnother vulnerability was discovered where a malicious website could\nabuse Konqueror to load its own content into a window or tab that was\nopened by a trusted website, or it could trick a trusted website into\nloading content into an existing window or tab. This could lead to the\nuser being confused as to the origin of a particular webpage and could\nhave the user unknowingly send confidential information intended for a\ntrusted site to the malicious site (CVE-2004-1158).\n\nThe updated packages contain a patch from the KDE team to solve this\nissue.\n\nAdditionally, the kdelibs and kdebase packages for Mandrakelinux 10.1\ncontain numerous bugfixes. New qt3 packages are being provided for\nMandrakelinux 10.0 that are required to build the kdebase package.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.kde.org/info/security/advisory-20040811-3.txt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.kde.org/info/security/advisory-20041209-1.txt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kcontrol-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kcontrol-nsplugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kdeprintfax\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kdm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kdm-config-file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-kmenuedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-konsole\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-nsplugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdebase-progs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kdelibs-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-kate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-kate-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-kmenuedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-konsole\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-nsplugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdebase4-nsplugins-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdecore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64kdecore4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qt3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qt3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qt3-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qt3-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64qt3-psql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-kate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-kate-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-kmenuedit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-konsole\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-nsplugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdebase4-nsplugins-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdecore4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libkdecore4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqt3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqt3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqt3-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqt3-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libqt3-psql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:mandrakelinux-kde-config-file\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt3-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:qt3-example\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:10.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-common-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kate-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kcontrol-data-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kdeprintfax-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kdm-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kdm-config-file-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-kmenuedit-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-konsole-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-nsplugins-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdebase-progs-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"kdelibs-common-3.2-36.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-devel-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-kate-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-kate-devel-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-kmenuedit-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-konsole-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-nsplugins-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdebase4-nsplugins-devel-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdecore4-3.2-36.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64kdecore4-devel-3.2-36.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64qt3-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64qt3-devel-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64qt3-mysql-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64qt3-odbc-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"lib64qt3-psql-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-devel-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-kate-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-kate-devel-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-kmenuedit-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-konsole-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-nsplugins-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdebase4-nsplugins-devel-3.2-79.14.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdecore4-3.2-36.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libkdecore4-devel-3.2-36.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libqt3-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libqt3-devel-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libqt3-mysql-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libqt3-odbc-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"i386\", reference:\"libqt3-psql-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", cpu:\"amd64\", reference:\"mandrakelinux-kde-config-file-10.1-6.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"mandrakelinux-kde-config-file-10.1-6.1.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"qt3-common-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.0\", reference:\"qt3-example-3.2.3-19.6.100mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-common-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-kate-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-kcontrol-data-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-kcontrol-nsplugins-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-kdeprintfax-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-kdm-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-kdm-config-file-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-kmenuedit-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-konsole-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-nsplugins-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdebase-progs-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", reference:\"kdelibs-common-3.2.3-98.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdebase4-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdebase4-devel-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdebase4-kate-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdebase4-kate-devel-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdebase4-kmenuedit-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdebase4-konsole-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdecore4-3.2.3-98.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"x86_64\", reference:\"lib64kdecore4-devel-3.2.3-98.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdebase4-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdebase4-devel-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdebase4-kate-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdebase4-kate-devel-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdebase4-kmenuedit-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdebase4-konsole-3.2.3-134.3.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdecore4-3.2.3-98.1.101mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK10.1\", cpu:\"i386\", reference:\"libkdecore4-devel-3.2.3-98.1.101mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:08", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=72804", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1171", "http://www.kde.org/info/security/advisory-20041213-1.txt", "http://www.kde.org/info/security/advisory-20041209-1.txt", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1158", "https://bugs.gentoo.org/show_bug.cgi?id=73869"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "3.3.2-r1", "packageName": "kde-base/kdebase", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}, {"OS": "Gentoo", "OSVersion": "any", "packageVersion": "3.3.2-r1", "packageName": "kde-base/kdelibs", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nKDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. The KDE core libraries (kdebase and kdelibs) provide native support for many protocols. Konqueror is the KDE web browser and filemanager. \n\n### Description\n\nDaniel Fabian discovered that the KDE core libraries contain a flaw allowing password disclosure by making a link to a remote file. When creating this link, the resulting URL contains authentication credentials used to access the remote file (CAN 2004-1171). \n\nThe Konqueror webbrowser allows websites to load webpages into a window or tab currently used by another website (CAN-2004-1158). \n\n### Impact\n\nA malicious user could have access to the authentication credentials of other users depending on the file permissions. \n\nA malicious website could use the window injection vulnerability to load content in a window apparently belonging to another website. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll kdelibs users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kdelibs-3.2.3-r4\"\n\nAll kdebase users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=kde-base/kdebase-3.2.3-r3\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2004-12-19T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "gentoo", "title": "kdelibs, kdebase: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2004-1158", "CVE-2004-1171"], "modified": "2004-12-19T00:00:00", "id": "GLSA-200412-16", "href": "https://security.gentoo.org/glsa/200412-16", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}
