oval:org.mitre.oval:def:411

Definition Id: oval:org.mitre.oval:def:411

Oval ID:	oval:org.mitre.oval:def:411
Title:	KDE Konqueror Userid/Password Disclosure Vulnerability
Description:	KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2003-0459	Version:	2
Platform(s):	Red Hat Linux 9	Product(s):	Konqueror
Definition Synopsis:
Software section Red Hat 9 is installed AND ix86 architecture AND kdelibs version is less than 3.1-12 AND Configuration section /usr/bin/konqueror is executable /usr/bin/konqueror is executable AND /usr/bin/konqueror is executable AND /usr/bin/konqueror is executable