CVE-2004-0721 - Unspecified vulnerability in KDE Konqueror 3.1.3/3.2.2

CVSS 7.5 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: PARTIAL

Summary

Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

Vulnerable Configurations

Part         Description  Count
Application  Kde          2

Nessus

  • NASL family: Slackware Local Security Checks
    NASL id: SLACKWARE_SSA_2004-247-01.NASL
    description: New kdelibs and kdebase packages are available for Slackware 9.1, 10.0, and -current to fix security issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 18782
    published: 2005-07-13
    reporter: This script is Copyright (C) 2005-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/18782
    title: Slackware 10.0 / 9.1 / current : kde (SSA:2004-247-01)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2004-293.NASL
    description: Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create temporary directories with predictable names. A local attacker could prevent KDE applications from functioning correctly, or overwrite files owned by other users by creating malicious symlinks. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0689 to this issue. WESTPOINT internet reconnaissance services has discovered that the KDE web browser Konqueror allows websites to set cookies for certain country specific secondary top level domains. An attacker within one of the affected domains could construct a cookie which would be sent to all other websites within the domain leading to a session fixation attack. This issue does not affect popular domains such as .co.uk, .co.in, or .com. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0721 to this issue. A frame injection spoofing vulnerability has been discovered in the Konqueror web browser. This issue could allow a malicious website to show arbitrary content in a named frame of a different browser window. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0746 to this issue. All users of KDE are advised to upgrade to these packages, which contain backported patches from the KDE team for these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 14691
    published: 2004-09-09
    reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/14691
    title: Fedora Core 2 : kdebase-3.2.2-6.FC2 (2004-293)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2004-412.NASL
    description: Updated kdelib and kdebase packages that resolve multiple security issues are now available. The kdelibs packages include libraries for the K Desktop Environment. The kdebase packages include core applications for the K Desktop Environment. Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create temporary directories with predictable names. A local attacker could prevent KDE applications from functioning correctly, or overwrite files owned by other users by creating malicious symlinks. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0689 to this issue. WESTPOINT internet reconnaissance services has discovered that the KDE web browser Konqueror allows websites to set cookies for certain country specific secondary top level domains. An attacker within one of the affected domains could construct a cookie which would be sent to all other websites within the domain leading to a session fixation attack. This issue does not affect popular domains such as .co.uk, .co.in, or .com. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0721 to this issue. A frame injection spoofing vulnerability has been discovered in the Konqueror web browser. This issue could allow a malicious website to show arbitrary content in a named frame of a different browser window. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0746 to this issue. All users of KDE are advised to upgrade to these erratum packages, which contain backported patches from the KDE team for these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 15427
    published: 2004-10-06
    reporter: This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/15427
    title: RHEL 2.1 / 3 : kdelibs, kdebase (RHSA-2004:412)
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_KDELIBS_3233.NASL
    description: The remote host is missing an update to the system. The following package is affected: firefox. This plugin has been deprecated since the advisory has been canceled.
    last seen: 2016-09-26
    modified: 2015-12-02
    plugin id: 14268
    published: 2004-08-12
    reporter: Tenable
    source: https://www.tenable.com/plugins/index.php?view=single&id=14268
    title: FreeBSD : Mutiple browser frame injection vulnerability (83) (deprecated)
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_MULTIPLE_BROWSERS_FRAME_INJECTION.NASL
    description: The remote host is running one of the following packages: kdelibs < 3.2.3_3; kdebase < 3.2.3_1; 7.50 <= linux-opera < 7.52; 7.50 <= opera < 7.52; firefox < 0.9; linux-mozilla < 1.7; linux-mozilla-devel < 1.7; mozilla-gtk1 < 1.7; mozilla < 1.7,2; netscape7 < 7.2. These packages contain a bug which may allow an attacker to perform a frame injection. An attacker may exploit this flaw by setting up a rogue website which would insert its own frames in the pages of an otherwise trusted web site.
    last seen: 2016-09-26
    modified: 2013-01-25
    plugin id: 14758
    published: 2004-09-16
    reporter: Tenable
    source: https://www.tenable.com/plugins/index.php?view=single&id=14758
    title: FreeBSD Ports : Multiple Browsers Frame Injection
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2004-150.NASL
    description: Daniel Fabian discovered a potential privacy issue in KDE. When creating a link to a remote file from various applications, including Konqueror, the resulting URL may contain the authentication credentials used to access that remote resource. This includes, but is not limited to, browsing SMB (Samba) shares. Upon further investigation, it was found that the SMB protocol handler also unnecessarily exposed authentication credentials (CVE-2004-1171). Another vulnerability was discovered where a malicious website could abuse Konqueror to load its own content into a window or tab that was opened by a trusted website, or it could trick a trusted website into loading content into an existing window or tab. This could lead to the user being confused as to the origin of a particular webpage and could have the user unknowingly send confidential information intended for a trusted site to the malicious site (CVE-2004-1158). The updated packages contain a patch from the KDE team to solve this issue. Additionally, the kdelibs and kdebase packages for Mandrakelinux 10.1 contain numerous bugfixes. New qt3 packages are being provided for Mandrakelinux 10.0 that are required to build the kdebase package.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 15981
    published: 2004-12-15
    reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/15981
    title: Mandrake Linux Security Advisory : kdelibs (MDKSA-2004:150)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2004-086.NASL
    description: A number of vulnerabilities were discovered in KDE that are corrected with these update packages. The integrity of symlinks used by KDE is not ensured and as a result can be abused by local attackers to create or truncate arbitrary files or to prevent KDE applications from functioning correctly (CVE-2004-0689). The DCOPServer creates temporary files in an insecure manner. These temporary files are used for authentication-related purposes, so this could potentially allow a local attacker to compromise the account of any user running a KDE application (CVE-2004-0690). Note that only KDE 3.2.x is affected by this vulnerability. The Konqueror web browser allows websites to load web pages into a frame of any other frame-based web page that the user may have open. This could potentially allow a malicious website to make Konqueror insert its own frames into the page of an otherwise trusted website (CVE-2004-0721). The Konqueror web browser also allows websites to set cookies for certain country-specific top-level domains. This can be done to make Konqueror send the cookies to all other web sites operating under the same domain, which can be abused to become part of a session fixation attack. All country-specific secondary top-level domains that use more than 2 characters in the secondary part of the domain name, and that use a secondary part other than com, net, mil, org, gov, edu, or int are affected (CVE-2004-0746).
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 14335
    published: 2004-08-22
    reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/14335
    title: Mandrake Linux Security Advisory : kdelibs/kdebase (MDKSA-2004:086)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2004-291.NASL
    description: Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create temporary directories with predictable names. A local attacker could prevent KDE applications from functioning correctly, or overwrite files owned by other users by creating malicious symlinks. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0689 to this issue. WESTPOINT internet reconnaissance services has discovered that the KDE web browser Konqueror allows websites to set cookies for certain country specific secondary top level domains. An attacker within one of the affected domains could construct a cookie which would be sent to all other websites within the domain leading to a session fixation attack. This issue does not affect popular domains such as .co.uk, .co.in, or .com. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0721 to this issue. A frame injection spoofing vulnerability has been discovered in the Konqueror web browser. This issue could allow a malicious website to show arbitrary content in a named frame of a different browser window. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0746 to this issue. All users of KDE are advised to upgrade to these packages, which contain backported patches from the KDE team for these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 14689
    published: 2004-09-09
    reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/14689
    title: Fedora Core 2 : kdelibs-3.2.2-8.FC2 (2004-291)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2004-290.NASL
    description: Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create temporary directories with predictable names. A local attacker could prevent KDE applications from functioning correctly, or overwrite files owned by other users by creating malicious symlinks. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0689 to this issue. WESTPOINT internet reconnaissance services has discovered that the KDE web browser Konqueror allows websites to set cookies for certain country specific secondary top level domains. An attacker within one of the affected domains could construct a cookie which would be sent to all other websites within the domain leading to a session fixation attack. This issue does not affect popular domains such as .co.uk, .co.in, or .com. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0721 to this issue. A frame injection spoofing vulnerability has been discovered in the Konqueror web browser. This issue could allow a malicious website to show arbitrary content in a named frame of a different browser window. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0746 to this issue. All users of KDE are advised to upgrade to these erratum packages, which contain backported patches from the KDE team for these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 14688
    published: 2004-09-09
    reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/14688
    title: Fedora Core 1 : kdelibs-3.1.4-7 (2004-290)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2004-292.NASL
    description: Andrew Tuitt reported that versions of KDE up to and including 3.2.3 create temporary directories with predictable names. A local attacker could prevent KDE applications from functioning correctly, or overwrite files owned by other users by creating malicious symlinks. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0689 to this issue. WESTPOINT internet reconnaissance services has discovered that the KDE web browser Konqueror allows websites to set cookies for certain country specific secondary top level domains. An attacker within one of the affected domains could construct a cookie which would be sent to all other websites within the domain leading to a session fixation attack. This issue does not affect popular domains such as .co.uk, .co.in, or .com. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0721 to this issue. A frame injection spoofing vulnerability has been discovered in the Konqueror web browser. This issue could allow a malicious website to show arbitrary content in a named frame of a different browser window. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0746 to this issue. All users of KDE are advised to upgrade to these packages, which contain backported patches from the KDE team for these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 14690
    published: 2004-09-09
    reporter: This script is Copyright (C) 2004-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/14690
    title: Fedora Core 1 : kdebase-3.1.4-7 (2004-292)
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_641859E8ECA111D8B913000C41E2CDAD.NASL
    description: A class of bugs affecting many web browsers in the same way was discovered. A Secunia advisory reports : The problem is that the browsers don
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 56476
    published: 2011-10-13
    reporter: This script is Copyright (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/56476
    title: FreeBSD : Mutiple browser frame injection vulnerability (641859e8-eca1-11d8-b913-000c41e2cdad)

Oval

accepted: 2013-04-29T04:13:34.730-04:00
class: vulnerability
contributors:
  • name: Aharon Chernin
    organization: SCAP.com, LLC
  • name: Dragos Prisaca
    organization: G2, Inc.
definition_extensions:
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 3
    oval: oval:org.mitre.oval:def:11782
  • comment: CentOS Linux 3.x
    oval: oval:org.mitre.oval:def:16651
description: Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
family: unix
id: oval:org.mitre.oval:def:11371
status: accepted
submitted: 2010-07-09T03:56:16-04:00
title: Konqueror 3.1.3, 3.2.2, and possibly other versions does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
version: 26

Redhat

rpms
  • kdebase-6:3.1.3-5.4
  • kdebase-debuginfo-6:3.1.3-5.4
  • kdebase-devel-6:3.1.3-5.4
  • kdelibs-6:3.1.3-6.6
  • kdelibs-debuginfo-6:3.1.3-6.6
  • kdelibs-devel-6:3.1.3-6.6