|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Mandrake Local Security Checks >> MDKSA-2004:150: kdelibs Vulnerability Assessment Details
|
MDKSA-2004:150: kdelibs |
||
Check for the version of the kdelibs package Detailed Explanation for this Vulnerability Assessment The remote host is missing the patch for the advisory MDKSA-2004:150 (kdelibs). Daniel Fabian discovered a potential privacy issue in KDE. When creating a link to a remote file from various applications, including Konqueror, the resulting URL may contain the authentication credentials used to access that remote resource. This includes, but is not limited to, browsing SMB (Samba) shares. Upon further investigation, it was found that the SMB protocol handler also unnecessarily exposed authentication credentials (CVE-2004-1171). Another vulnerability was discovered where a malicious website could abuse Konqueror to load its own content into a window or tab that was opened by a trusted website, or it could trick a trusted website into loading content into an existing window or tab. This could lead to the user being confused as to the origin of a particular webpage and could have the user unknowingly send confidential information intended for a trusted site to the malicious site (CVE-2004-1158). The updated packages contain a patch from the KDE team to solve this issue. Additionally, the kdelibs and kdebase packages for Mandrakelinux 10.1 contain numerous bugfixes. New qt3 packages are being provided for Mandrakelinux 10.0 that are required to build the kdebase package. Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2004:150 Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2004 Tenable Network Security |
||
Cables, Connectors |
Cisco GLC-FE-100FX-RGD 100BASE-FX SFP Transceiver Module
$17.99
Cisco Meraki MA-SFP-1GB-SX 1000BASE-SX SFP Transceiver Module
$24.99
Cisco GLC-GE-100FX 100BASE-FX SGMII SFP Transceiver Module
$83.99
Cisco SFP-10/25G-CSR-S 10/25GBASE-CSR SFP28, 850nm, 100m, LC,
$54.00
Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module 10-2415-03
$8.00
Lot of 10 - HP 10Gb SR SFP+ Transceiver 455883-B21 455885-001 456096-001 850nm
$23.99
Brand New Cisco GLC-LH-SMD 1000BASE-LX/LH SFP Module 1310nm 10km SMF LC
$13.89
NEW Sealed Cisco SFP-10G-LR 10GBASE-LR SFP+ 1310nm 10km *US Shipping*
$18.00
LOT OF 20 Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module
$89.00
SFP-10G-SR V03 Original CISCO 10-2415-03 850nm 10GBASE-SR SFP+ Multi mode Module
$6.80
|
||
No Discussions have been posted on this vulnerability. |