Vulnerability Name:

CVE-2004-1165 (CCN-18384)

Assigned:2004-12-05
Published:2004-12-05
Updated:2017-10-11
Summary:Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command.
CVSS v3 Severity:4.6 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.6 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2004-1165

Source: MITRE
Type: CNA
CVE-2004-1166

Source: BUGTRAQ
Type: UNKNOWN
20041205 7a69Adv#16 - Konqueror FTP command injection

Source: CCN
Type: RHSA-2005-009
kdelibs

Source: CCN
Type: RHSA-2005-065
kdelibs security update

Source: CCN
Type: SA13404
Internet Explorer FTP Command Injection Vulnerability

Source: CCN
Type: SA29346
Internet Explorer FTP Command Injection Vulnerability

Source: CCN
Type: SECTRACK ID: 1012444
Microsoft Internet Explorer Input Validation Error in Processing FTP URLs May Let Remote Users Inject Arbitrary FTP Commands

Source: CCN
Type: ASA-2006-154
Windows Security Updates for August 2006 - (MS06-040 - MS06-051)

Source: CCN
Type: CIAC Information Bulletin P-092
kdelibs -- Unsanitised Input

Source: DEBIAN
Type: UNKNOWN
DSA-631

Source: DEBIAN
Type: DSA-631
kdelibs -- unsanitised input

Source: CCN
Type: GLSA-200501-18
KDE FTP KIOslave: Command injection

Source: GENTOO
Type: UNKNOWN
GLSA-200501-18

Source: MANDRAKE
Type: UNKNOWN
MDKSA-2005:045

Source: CCN
Type: Microsoft Security Bulletin MS06-042
Cumulative Security Update for Internet Explorer (918899)

Source: CCN
Type: Microsoft Security Bulletin MS06-067
Cumulative Security Update for Internet Explorer (922760)

Source: CCN
Type: Microsoft Security Bulletin MS06-072
Cumulative Security Update for Internet Explorer (925454)

Source: CCN
Type: Microsoft Security Bulletin MS07-016
Cumulative Security Update for Internet Explorer (928090)

Source: CCN
Type: Microsoft Security Bulletin MS07-027
Cumulative Security Update for Internet Explorer (931768)

Source: CCN
Type: Microsoft Security Bulletin MS07-033
Cumulative Security Update for Internet Explorer (933566)

Source: CCN
Type: Microsoft Security Bulletin MS07-045
Cumulative Security Update for Internet Explorer (937143)

Source: CCN
Type: Microsoft Security Bulletin MS07-057
Cumulative Security Update for Internet Explorer (939653)

Source: CCN
Type: Microsoft Security Bulletin MS07-069
Cumulative Security Update for Internet Explorer (942615)

Source: CCN
Type: Microsoft Security Bulletin MS08-010
Cumulative Security Update for Internet Explorer (944533)

Source: CCN
Type: Microsoft Security Bulletin MS08-024
Cumulative Security Update for Internet Explorer (947864)

Source: CCN
Type: Microsoft Security Bulletin MS08-031
Cumulative Security Update for Internet Explorer (950759)

Source: CCN
Type: Microsoft Security Bulletin MS08-045
Cumulative Security Update for Internet Explorer (953838)

Source: CCN
Type: Microsoft Security Bulletin MS08-058
Cumulative Security Update for Internet Explorer (956390)

Source: CCN
Type: OSVDB ID: 12299
Microsoft IE FTP URL Arbitrary Command Injection

Source: REDHAT
Type: UNKNOWN
RHSA-2005:009

Source: REDHAT
Type: UNKNOWN
RHSA-2005:065

Source: CCN
Type: BID-11826
Microsoft Internet Explorer FTP URI Arbitrary FTP Server Command Execution Vulnerability

Source: CCN
Type: BID-11827
KDE FTP KIOSlave URI Arbitrary FTP Server Command Execution Vulnerability

Source: CCN
Type: BID-28208
RETIRED: Microsoft Internet Explorer FTP Cross-Site Command Injection Vulnerability

Source: CCN
Type: US-CERT Technical Cyber Security Alert TA06-220A
Microsoft Windows, Office, and Internet Explorer Vulnerabilities

Source: XF
Type: UNKNOWN
web-browser-ftp-command-execution(18384)

Source: XF
Type: UNKNOWN
web-browser-ftp-command-execution(18384)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:9645

Vulnerable Configuration:Configuration 1:
  • cpe:/a:kde:kdelibs:3.1:*:*:*:*:*:*:*
  • OR cpe:/a:kde:kdelibs:3.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:kde:kdelibs:3.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:kde:kdelibs:3.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:kde:kdelibs:3.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:kde:kdelibs:3.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:kde:kdelibs:3.2:*:*:*:*:*:*:*
  • OR cpe:/a:kde:kdelibs:3.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:kde:kdelibs:3.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:kde:konqueror:3.3.1:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:microsoft:internet_explorer:6.0:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:ie:6.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:2.1:*:ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::ws:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::as:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:3::desktop:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::as:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::desktop:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::es:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:4::ws:*:*:*:*:*
  • OR cpe:/o:redhat:linux_advanced_workstation:2.1::itanium:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.0::amd64:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:9645
    V
    		Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command.
    2013-04-29
    oval:com.redhat.rhsa:def:20050065
    P
    		RHSA-2005:065: kdelibs security update (Important)
    2005-02-15
    oval:com.redhat.rhsa:def:20050009
    P
    		RHSA-2005:009: kdelibs, kdebase security update (Important)
    2005-02-10
    oval:org.debian:def:631
    V
    		unsanitised input
    2005-01-10
    BACK
    kde kdelibs 3.1
    kde kdelibs 3.1.1
    kde kdelibs 3.1.2
    kde kdelibs 3.1.3
    kde kdelibs 3.1.4
    kde kdelibs 3.1.5
    kde kdelibs 3.2
    kde kdelibs 3.2.1
    kde kdelibs 3.2.2
    kde konqueror 3.3.1
    microsoft ie 6.0
    microsoft ie 6.0 sp1
    microsoft ie 5.01 sp4
    debian debian linux 3.0
    gentoo linux *
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 2.1
    redhat enterprise linux 3
    redhat enterprise linux 3
    redhat enterprise linux 3
    mandrakesoft mandrake linux 10.0
    redhat enterprise linux 3
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat enterprise linux 4
    redhat linux advanced workstation 2.1
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    mandrakesoft mandrake linux 10.0