EUVD-2014-3499

Malware in sbrugna...

RHEL 5 : kdelibs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kdelibs: kssl incorrect verification of SSL certificate with NUL in subjectAltName CVE-2009-2702 - kf5-ki...

SUSE CVE-2013-2074

kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message...

SUSE CVE-2014-3494

kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate...

CVE-2014-3494

kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate...

Code injection

kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate...

CVE-2014-3494

kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate...

UBUNTU-CVE-2014-3494

kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate...

KDE FTP KIOSlave URI Arbitrary FTP Server Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11827/info KDE FTP kioslave-based applications such as Konqueror are reported prone to an arbitrary FTP server command execution vulnerability. This issue is due to a failure of the application to properly sanitize...

CVE-2013-2074

kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message...

Default credentials

kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message...

CVE-2013-2074

CVE-2013-2074 affects kioslave/http/http.cpp in KIO (kdelibs) 4.10.3 and earlier. A crafted request can trigger an internal server error that includes the username and password in the error message, exposing credentials and impacting confidentiality. Connected sources (e.g., Debian DLA-952-1 and ...

CVE-2013-2074

kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message...

KDE XMLHttpRequest安全绕过和kioslave输入验证漏洞

KDE是一款UNIX工下开源图形桌面环境。 KDE存在多个安全漏洞，具体如下： Ark输入过滤错误： KDE归档工具，由于不充分的校验可导致特殊构建的归档文件，使用未知的MIME类型，当使用KHTML实例渲染时，可触发不可控的XMLHTTPRequests给远程站点。 IO Slaves输入过滤错误： KDE协议处理器执行不充分的输入校验，攻击者可以构建恶意URI可触发JavaScript执行，另外'help://'协议处理器存在目录遍历攻击。不过注意此问题的恶意URI不能嵌入在Internet域内容中。 KMail输入过滤错误：...

Gentoo Security Advisory GLSA 200501-18 (konqueror)

The remote host is missing updates announced in advisory GLSA 200501-18. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200501-18 (konqueror)

The remote host is missing updates announced in advisory GLSA 200501-18. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 4 : kdebase (CESA-2006:0582)

Updated kdebase packages that resolve several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include the file manager...

kdebase security update

CentOS Errata and Security Advisory CESA-2006:0582 Updated kdebase packages that resolve several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop...

RHEL 4 : kdebase (RHSA-2006:0582)

Updated kdebase packages that resolve several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include the file manager...

Low: Red Hat Security Advisory: kdebase security fix

Updated kdebase packages that resolve several bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include the file manager...