26 matches found
EUVD-2006-2443
Malware in sbrugna...
SUSE CVE-2006-2442
kphone 4.2 creates .qt/kphonerc with world-readable permissions, which allows local users to read usernames and SIP passwords...
KPhone 2.x/3.x/4.0.1 Malformed STUN Packet Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10159/info A denial of service vulnerability has been reported in KPhone. This issue may be triggered by a malformed SIP Session Initiation Protocol STUN message. This is due to insufficient validation of user-specified...
Fedora Extras 3 : kphone-4.2-9.fc3 / Fedora Extras 4 : kphone-4.2-9.fc4 / etc
This update fixes CVE-2006-2442 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Debian: Security Advisory (DSA-1062-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian Security Advisory DSA 1062-1 (kphone)
The remote host is missing an update to kphone announced via advisory DSA 1062-1. Sven Dreyer discovered that KPhone, a Voice over IP client for KDE, creates a configuration file world-readable, which could leak sensitive information like SIP passwords. The the old stable distribution woody doesn...
Debian DSA-1062-1 : kphone - insecure file creation
Sven Dreyer discovered that KPhone, a Voice over IP client for KDE, creates a configuration file world-readable, which could leak sensitive information like SIP passwords. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...
Mandrake Linux Security Advisory : kphone (MDKSA-2006:089)
Kphone creates .qt/kphonerc with world-readable permissions, which allows local users to read usernames and SIP passwords. Packages have been patched to correct this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
[ MDKSA-2006:089 ] - Updated kphone packages fixes permissions issue with .qt/kphonerc
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:089 http://www.mandriva.com/security/ Package : kphone Date : May 24, 2006 Affected: 2006.0 Problem Description: Kphone creates .qt/kphonerc with world-readable permissions, which allows local users to read...
kphone SIP VoIP software solution weak permissions
.qt/kphonerc file is world-readable and contains sensitive information, including SIP accounts...
[SECURITY] [DSA 1062-1] New kphone packages fix information disclosure
-------------------------------------------------------------------------- Debian Security Advisory DSA 1062-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 19th, 2006 http://www.debian.org/security/faq -...
DSA-1062-1 kphone - insecure file creation
Bulletin has no description...
CVE-2006-2442
kphone 4.2 creates .qt/kphonerc with world-readable permissions, which allows local users to read usernames and SIP passwords...
Design/Logic Flaw
kphone 4.2 creates .qt/kphonerc with world-readable permissions, which allows local users to read usernames and SIP passwords...
CVE-2006-2442
kphone 4.2 creates .qt/kphonerc with world-readable permissions, which allows local users to read usernames and SIP passwords...
CVE-2006-2442
CVE-2006-2442 affects KPhone, a KDE VoIP client. The issue: kphone 4.2 creates the configuration file .qt/kphonerc with world-readable permissions, allowing local users to read usernames and SIP passwords. Connected advisories (Mandriva/MK, Debian DSA-1062-1, SUSE) confirm the root cause and stat...
CVE-2006-2442
kphone 4.2 creates .qt/kphonerc with world-readable permissions, which allows local users to read usernames and SIP passwords...
CVE-2004-1940
KPhone’s sipclient.cpp (versions 4.0.1 and earlier) is affected by a vulnerability where a STUN response with a large attrLen value triggers an out-of-bounds read, leading to remote denial of service (crash). The issue is disclosed across CVE-2004-1940 entries (NVD, CVE list, PT-2004-2837), consi...
CVE-2004-1940
sipclient.cpp in KPhone 4.0.1 and earlier allows remote attackers to cause a denial of service crash via a STUN response packet with a large attrLen value that causes an out-of-bounds read...
CVE-2004-1940
sipclient.cpp in KPhone 4.0.1 and earlier allows remote attackers to cause a denial of service crash via a STUN response packet with a large attrLen value that causes an out-of-bounds read...