CVE-2005-3856

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2005-3856
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2005-3856.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2005-3856
Published
2005-11-27T20:03:00Z
Modified
2024-06-30T12:01:22Z
Summary
[none]
Details

The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites.

References

Affected packages

Debian:11 / krusader

Package

Name
krusader
Purl
pkg:deb/debian/krusader?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.70.0-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / krusader

Package

Name
krusader
Purl
pkg:deb/debian/krusader?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.70.0-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / krusader

Package

Name
krusader
Purl
pkg:deb/debian/krusader?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.70.0-1

Ecosystem specific

{
    "urgency": "low"
}