 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| Test Kennung: | 1.3.6.1.4.1.25623.1.0.52278 |
| Kategorie: | FreeBSD Local Security Checks |
| Titel: | FreeBSD Ports: kdebase, kdelibs |
| Zusammenfassung: | The remote host is missing an update to the system; as announced in the referenced advisory. |
| Beschreibung: | Summary: The remote host is missing an update to the system as announced in the referenced advisory. Vulnerability Insight: The following packages are affected: kdebase, kdelibs CVE-2004-1171 KDE 3.2.x and 3.3.0 through 3.3.2, when saving credentials that are (1) manually entered by the user or (2) created by the SMB protocol handler, stores those credentials for plaintext in the user's .desktop file, which may be created with world-readable permissions, which could allow local users to obtain usernames and passwords for remote resources such as SMB shares. Solution: Update your system with the appropriate patches or software upgrades. CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N |
| Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2004-1171 BugTraq ID: 11866 http://www.securityfocus.com/bid/11866 Bugtraq: 20041129 Password Disclosure for SMB Shares in KDE's Konqueror (Google Search) http://marc.info/?l=bugtraq&m=110178786809694&w=2 Bugtraq: 20041209 KDE Security Advisory: plain text password exposure (Google Search) http://marc.info/?l=bugtraq&m=110261063201488&w=2 CERT/CC vulnerability note: VU#305294 http://www.kb.cert.org/vuls/id/305294 Computer Incident Advisory Center Bulletin: P-051 http://www.ciac.org/ciac/bulletins/p-051.shtml http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1292.html http://www.gentoo.org/security/en/glsa/glsa-200412-16.xml http://www.mandriva.com/security/advisories?name=MDKSA-2004:150 http://www.sec-consult.com/index.php?id=118 http://www.osvdb.org/12248 http://securitytracker.com/id?1012471 http://secunia.com/advisories/13477 http://secunia.com/advisories/13486 http://secunia.com/advisories/13560 XForce ISS Database: kde-smb-password-plaintext(18267) https://exchange.xforce.ibmcloud.com/vulnerabilities/18267 |
| Copyright | Copyright (C) 2008 E-Soft Inc. |
| Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |