Oval Definition:	oval:org.mitre.oval:def:411
Revision Date: 2007-04-25 Version: 19 Title: KDE Konqueror Userid/Password Disclosure Vulnerability Description: KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2003-0459 Platform(s): Red Hat Linux 9 Product(s): Konqueror Definition Synopsis Software section Red Hat 9 is installed AND ix86 architecture AND kdelibs version is less than 3.1-12 AND Configuration section /usr/bin/konqueror is executable /usr/bin/konqueror is executable OR /usr/bin/konqueror is executable OR /usr/bin/konqueror is executable
BACK