oval:org.mitre.oval:def:954

Definition Id: oval:org.mitre.oval:def:954

Oval ID:	oval:org.mitre.oval:def:954
Title:	Konqueror URI Handler "-" Filter Vulnerability
Description:	The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0411	Version:	2
Platform(s):	Red Hat Enterprise Linux 3	Product(s):
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND ix86 architecture AND kdelibs version is less than 3.1.3-6.4 AND Configuration section telnet, rlogin, ssh or kmail is executable /usr/bin/telnet is executable /usr/bin/telnet is executable AND /usr/bin/telnet is executable AND /usr/bin/telnet is executable OR /usr/kerberos/bin/telnet is executable /usr/kerberos/bin/telnet is executable AND /usr/kerberos/bin/telnet is executable AND /usr/kerberos/bin/telnet is executable OR /usr/bin/rlogin is executable /usr/bin/rlogin is executable AND /usr/bin/rlogin is executable AND /usr/bin/rlogin is executable OR /usr/kerberos/bin/rlogin is executable /usr/kerberos/bin/rlogin is executable AND /usr/kerberos/bin/rlogin is executable AND /usr/kerberos/bin/rlogin is executable OR /usr/bin/ssh is executable /usr/bin/ssh is executable AND /usr/bin/ssh is executable AND /usr/bin/ssh is executable OR /usr/bin/kmail is executable /usr/bin/kmail is executable AND /usr/bin/kmail is executable AND /usr/bin/kmail is executable

Copyright Security-Database 2006-2024 - Powered by themself ;) in 0.0262s

Facebook rss twitter linkedin mail