CVE-2007-3820 - Unspecified vulnerability in KDE Konqueror 3.5.7

047910
CVSS 2.6 - LOW
Attack vector: NETWORK
Attack complexity: HIGH
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: PARTIAL
Availability impact: NONE
Tags: network, high complexity, kde, nessus

Summary

konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.

Vulnerable Configurations

Part         Description  Count
Application  Kde          1

Nessus

  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2007-0905.NASL
    description: Updated kdebase packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager. These updated packages address the following vulnerabilities : Kees Huijgen found a flaw in the way KDM handled logins when autologin and
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 26973
    published: 2007-10-12
    reporter: This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/26973
    title: CentOS 4 / 5 : kdebase (CESA-2007:0905)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2007:0905 and 
    # CentOS Errata and Security Advisory 2007:0905 respectively.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(26973);
      script_version("1.24");
      script_cvs_date("Date: 2019/10/25 13:36:03");
    
      script_cve_id("CVE-2007-3820", "CVE-2007-4224", "CVE-2007-4569");
      script_bugtraq_id(24912);
      script_xref(name:"RHSA", value:"2007:0905");
    
      script_name(english:"CentOS 4 / 5 : kdebase (CESA-2007:0905)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote CentOS host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Updated kdebase packages that resolve several security flaws are now
    available for Red Hat Enterprise Linux 4 and 5.
    
    This update has been rated as having moderate security impact by the
    Red Hat Security Response Team.
    
    The kdebase packages provide the core applications for KDE, the K
    Desktop Environment. These core packages include Konqueror, the web
    browser and file manager.
    
    These updated packages address the following vulnerabilities :
    
    Kees Huijgen found a flaw in the way KDM handled logins when autologin
    and 'shutdown with password' were enabled. A local user would have
    been able to login via KDM as any user without requiring a password.
    (CVE-2007-4569)
    
    Two Konqueror address spoofing flaws were discovered. A malicious
    website could spoof the Konqueror address bar, tricking a victim into
    believing the page was from a different site. (CVE-2007-3820,
    CVE-2007-4224)
    
    Users of KDE should upgrade to these updated packages, which contain
    backported patches to correct these issues."
      );
      # https://lists.centos.org/pipermail/centos-announce/2007-October/014285.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?c583dbe4"
      );
      # https://lists.centos.org/pipermail/centos-announce/2007-October/014294.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?21121cef"
      );
      # https://lists.centos.org/pipermail/centos-announce/2007-October/014295.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?70b9641a"
      );
      # https://lists.centos.org/pipermail/centos-announce/2007-October/014298.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?96790c92"
      );
      # https://lists.centos.org/pipermail/centos-announce/2007-October/014299.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?996c6225"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Update the affected kdebase packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"false");
      script_cwe_id(59, 264);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kdebase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:kdebase-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:4");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2007/07/16");
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/13");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"CentOS Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/CentOS/release");
    if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
    os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(4|5)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 4.x / 5.x", "CentOS " + os_ver);
    
    if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && "ia64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"CentOS-4", reference:"kdebase-3.3.1-6.el4")) flag++;
    if (rpm_check(release:"CentOS-4", reference:"kdebase-devel-3.3.1-6.el4")) flag++;
    
    if (rpm_check(release:"CentOS-5", reference:"kdebase-3.5.4-15.el5.centos")) flag++;
    if (rpm_check(release:"CentOS-5", reference:"kdebase-devel-3.5.4-15.el5.centos")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kdebase / kdebase-devel");
    }
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2007-716.NASL
    description: The remote Fedora Core host is missing one or more security updates : kdebase-3.5.7-1.fc6 : - Tue Oct 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-1.fc6 - CVE-2007-4224, CVE-2007-4225, CVE-2007-3820 - rh#299741, CVE-2007-4569 - Mon Jul 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-0.fc6.2 - fix #244906 kdelibs-3.5.7-1.fc6 : - Tue Oct 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-1.fc6 - CVE-2007-4224, CVE-2007-3820 konqueror address bar spoofing Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 26935
    published: 2007-10-09
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/26935
    title: Fedora Core 6 : kdebase-3.5.7-1.fc6 / kdelibs-3.5.7-1.fc6 (2007-716)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2007-716.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(26935);
      script_version ("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:26");
    
      script_cve_id("CVE-2007-3820", "CVE-2007-4224", "CVE-2007-4225", "CVE-2007-4569");
      script_xref(name:"FEDORA", value:"2007-716");
    
      script_name(english:"Fedora Core 6 : kdebase-3.5.7-1.fc6 / kdelibs-3.5.7-1.fc6 (2007-716)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora Core host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "The remote Fedora Core host is missing one or more security updates :
    
    kdebase-3.5.7-1.fc6 :
    
      - Tue Oct 2 2007 Than Ngo <than at redhat.com> -
        6:3.5.7-1.fc6
    
        - CVE-2007-4224, CVE-2007-4225, CVE-2007-3820
    
        - rh#299741, CVE-2007-4569
    
        - Mon Jul 2 2007 Than Ngo <than at redhat.com> -
          6:3.5.7-0.fc6.2
    
        - fix #244906
    
    kdelibs-3.5.7-1.fc6 :
    
      - Tue Oct 2 2007 Than Ngo <than at redhat.com> -
        6:3.5.7-1.fc6
    
        - CVE-2007-4224, CVE-2007-3820 konqueror address bar
          spoofing
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2007-October/004054.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?35a04b05"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2007-October/004055.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?d12013e1"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_cwe_id(59, 264);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdelibs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdelibs-apidocs");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdelibs-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdelibs-devel");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora_core:6");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/09");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 6.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC6", reference:"kdebase-3.5.7-1.fc6")) flag++;
    if (rpm_check(release:"FC6", reference:"kdebase-debuginfo-3.5.7-1.fc6")) flag++;
    if (rpm_check(release:"FC6", reference:"kdebase-devel-3.5.7-1.fc6")) flag++;
    if (rpm_check(release:"FC6", reference:"kdelibs-3.5.7-1.fc6")) flag++;
    if (rpm_check(release:"FC6", reference:"kdelibs-apidocs-3.5.7-1.fc6")) flag++;
    if (rpm_check(release:"FC6", reference:"kdelibs-debuginfo-3.5.7-1.fc6")) flag++;
    if (rpm_check(release:"FC6", reference:"kdelibs-devel-3.5.7-1.fc6")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kdebase / kdebase-debuginfo / kdebase-devel / kdelibs / etc");
    }
    
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20071008_KDELIBS_ON_SL5_X.NASL
    description: Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 60263
    published: 2012-08-01
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/60263
    title: Scientific Linux Security Update : kdelibs on SL5.x, SL4.x i386/x86_64
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(60263);
      script_version("1.5");
      script_cvs_date("Date: 2019/10/25 13:36:17");
    
      script_cve_id("CVE-2007-0242", "CVE-2007-0537", "CVE-2007-1308", "CVE-2007-1564", "CVE-2007-3820", "CVE-2007-4224");
    
      script_name(english:"Scientific Linux Security Update : kdelibs on SL5.x, SL4.x i386/x86_64");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Two cross-site-scripting flaws were found in the way Konqueror
    processes certain HTML content. This could result in a malicious
    attacker presenting misleading content to an unsuspecting user.
    (CVE-2007-0242, CVE-2007-0537)
    
    A flaw was found in KDE JavaScript implementation. A web page
    containing malicious JavaScript code could cause Konqueror to crash.
    (CVE-2007-1308)
    
    A flaw was found in the way Konqueror handled certain FTP PASV
    commands. A malicious FTP server could use this flaw to perform a
    rudimentary port-scan of machines behind a user's firewall.
    (CVE-2007-1564)
    
    Two Konqueror address spoofing flaws have been discovered. It was
    possible for a malicious website to cause the Konqueror address bar to
    display information which could trick a user into believing they are
    at a different website than they actually are. (CVE-2007-3820,
    CVE-2007-4224)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0710&L=scientific-linux-errata&T=0&P=778
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?7627dbff"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Update the affected kdelibs, kdelibs-apidocs and / or kdelibs-devel
    packages."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_cwe_id(59, 79, 399);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/08");
      script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/01");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL4", reference:"kdelibs-3.3.1-9.el4")) flag++;
    if (rpm_check(release:"SL4", reference:"kdelibs-devel-3.3.1-9.el4")) flag++;
    
    if (rpm_check(release:"SL5", reference:"kdelibs-3.5.4-13.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kdelibs-apidocs-3.5.4-13.el5")) flag++;
    if (rpm_check(release:"SL5", reference:"kdelibs-devel-3.5.4-13.el5")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2007-2361.NASL
    description: - Tue Oct 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-13.1 - rh#299731, CVE-2007-4569 - Wed Aug 15 2007 Rex Dieter <rdieter[AT]fedoraproject.org> 6:3.5.7-13 - CVE-2007-3820, CVE-2007-4224, CVE-2007-4225 - License: GPLv2 - Requires: kdelibs3(-devel) - Fri Jul 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-12 - fix unpackaged files - Fri Jul 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-9 - %ifnarch s390 s390x: BR: lm_sensors - Thu Jul 19 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-7 - omit dirs owned by kde-filesystem - Mon Jul 2 2007 Than Ngo <than at redhat.com> - 6:3.5.7-6 - fix bz#244906 - Wed Jun 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-5 - Provides: kdebase3(-devel) - Wed Jun 20 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-4 - -devel: Requires: %name... - portability++ - Fri Jun 15 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-3 - specfile portability - Mon Jun 11 2007 Rex Dieter <rdieter[AT]fedoraproject.org> - 6:3.5.7-2 - fix BR: kdelibs-devel - cleanup Req
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 27769
    published: 2007-11-06
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/27769
    title: Fedora 7 : kdebase-3.5.7-13.1.fc7 (2007-2361)
    code:
    #%NASL_MIN_LEVEL 80502
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Fedora Security Advisory 2007-2361.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(27769);
      script_version ("1.15");
      script_cvs_date("Date: 2019/08/02 13:32:25");
    
      script_cve_id("CVE-2007-3820", "CVE-2007-4224", "CVE-2007-4225", "CVE-2007-4569");
      script_xref(name:"FEDORA", value:"2007-2361");
    
      script_name(english:"Fedora 7 : kdebase-3.5.7-13.1.fc7 (2007-2361)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Fedora host is missing a security update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "  - Tue Oct 2 2007 Than Ngo <than at redhat.com> -
        6:3.5.7-13.1
    
        - rh#299731, CVE-2007-4569
    
        - Wed Aug 15 2007 Rex Dieter
          <rdieter[AT]fedoraproject.org> 6:3.5.7-13
    
        - CVE-2007-3820, CVE-2007-4224, CVE-2007-4225
    
        - License: GPLv2
    
        - Requires: kdelibs3(-devel)
    
        - Fri Jul 20 2007 Rex Dieter
          <rdieter[AT]fedoraproject.org> - 6:3.5.7-12
    
        - fix unpackaged files
    
        - Fri Jul 20 2007 Rex Dieter
          <rdieter[AT]fedoraproject.org> - 6:3.5.7-9
    
        - %ifnarch s390 s390x: BR: lm_sensors
    
        - Thu Jul 19 2007 Rex Dieter
          <rdieter[AT]fedoraproject.org> - 6:3.5.7-7
    
        - omit dirs owned by kde-filesystem
    
        - Mon Jul 2 2007 Than Ngo <than at redhat.com> -
          6:3.5.7-6
    
        - fix bz#244906
    
        - Wed Jun 20 2007 Rex Dieter
          <rdieter[AT]fedoraproject.org> - 6:3.5.7-5
    
        - Provides: kdebase3(-devel)
    
        - Wed Jun 20 2007 Rex Dieter
          <rdieter[AT]fedoraproject.org> - 6:3.5.7-4
    
        - -devel: Requires: %name...
    
        - portability++
    
        - Fri Jun 15 2007 Rex Dieter
          <rdieter[AT]fedoraproject.org> - 6:3.5.7-3
    
        - specfile portability
    
        - Mon Jun 11 2007 Rex Dieter
          <rdieter[AT]fedoraproject.org> - 6:3.5.7-2
    
        - fix BR: kdelibs-devel
    
        - cleanup Req's wrt kde-settings
    
        - Mon Jun 11 2007 Than Ngo <than at redhat.com> -
          6:3.5.7-1.fc7.1
    
        - remove kdebase-3.4.2-npapi-64bit-fixes.patch, it's
          included in new upstream
    
      - Wed Jun 6 2007 Than Ngo <than at redhat.com> -
        6:3.5.7-0.1
    
        - 3.5.7
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the Fedora security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.redhat.com/show_bug.cgi?id=299731"
      );
      # https://lists.fedoraproject.org/pipermail/package-announce/2007-October/003992.html
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?cca76192"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
      script_cwe_id(59, 264);
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:kdebase-extras");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:7");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2007/10/03");
      script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/06");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
      script_family(english:"Fedora Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
    os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
    os_ver = os_ver[1];
    if (! ereg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 7.x", "Fedora " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
    
    flag = 0;
    if (rpm_check(release:"FC7", reference:"kdebase-3.5.7-13.1.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"kdebase-debuginfo-3.5.7-13.1.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"kdebase-devel-3.5.7-13.1.fc7")) flag++;
    if (rpm_check(release:"FC7", reference:"kdebase-extras-3.5.7-13.1.fc7")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "kdebase / kdebase-debuginfo / kdebase-devel / kdebase-extras");
    }
    
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2007-0909.NASL
    description: Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 26952
    published: 2007-10-09
    reporter: This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/26952
    title: RHEL 4 / 5 : kdelibs (RHSA-2007:0909)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2007-0909.NASL
    description: From Red Hat Security Advisory 2007:0909 : Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 67574
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/67574
    title: Oracle Linux 4 / 5 : kdelibs (ELSA-2007-0909)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2007-0909.NASL
    description: Updated kdelibs packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop Environment (KDE). Two cross-site-scripting flaws were found in the way Konqueror processes certain HTML content. This could result in a malicious attacker presenting misleading content to an unsuspecting user. (CVE-2007-0242, CVE-2007-0537) A flaw was found in KDE JavaScript implementation. A web page containing malicious JavaScript code could cause Konqueror to crash. (CVE-2007-1308) A flaw was found in the way Konqueror handled certain FTP PASV commands. A malicious FTP server could use this flaw to perform a rudimentary port-scan of machines behind a user
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 26974
    published: 2007-10-12
    reporter: This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/26974
    title: CentOS 4 / 5 : kdelibs (CESA-2007:0909)
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-502-1.NASL
    description: It was discovered that Konqueror could be tricked into displaying incorrect URLs. Remote attackers could exploit this to increase their chances of tricking a user into visiting a phishing URL, which could lead to credential theft. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 28106
    published: 2007-11-10
    reporter: Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/28106
    title: Ubuntu 6.06 LTS / 6.10 / 7.04 : kdebase, kdelibs vulnerabilities (USN-502-1)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_14AD2A2866D211DCB25F02E0185F8D72.NASL
    descriptionThe KDE development team reports : The Konqueror address bar is vulnerable to spoofing attacks that are based on embedding white spaces in the url. In addition the address bar could be tricked to show an URL which it is intending to visit for a short amount of time instead of the current URL.
    last seen2020-06-01
    modified2020-06-02
    plugin id26085
    published2007-09-24
    reporterThis script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/26085
    titleFreeBSD : konquerer -- address bar spoofing (14ad2a28-66d2-11dc-b25f-02e0185f8d72)
  • NASL family: Mandriva Local Security Checks
    NASL id: MANDRAKE_MDKSA-2007-176.NASL
    description: konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed. (CVE-2007-3820) KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property. (CVE-2007-4224) Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar via an http URI with a large amount of whitespace in the user/password portion. (CVE-2007-4225) Updated packages fix these issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 26008
    published: 2007-09-07
    reporter: This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/26008
    title: Mandrake Linux Security Advisory : konqueror (MDKSA-2007:176)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2007-1699.NASL
    description: This update primarily addresses problems with URL spoofing and consolekit/session permissions. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 27728
    published: 2007-11-06
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/27728
    title: Fedora 7 : kdelibs-3.5.7-20.fc7 (2007-1699)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20071008_KDEBASE_ON_SL5_X.NASL
    description: Kees Huijgen found a flaw in the way KDM handled logins when autologin and
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 60262
    published: 2012-08-01
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/60262
    title: Scientific Linux Security Update : kdebase on SL5.x, SL4.x i386/x86_64
  • NASL family: Slackware Local Security Checks
    NASL id: SLACKWARE_SSA_2007-264-01.NASL
    description: New kdebase packages are available for Slackware 12.0 to fix security issues. A long URL padded with spaces could be used to display a false URL in Konqueror
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 26113
    published: 2007-09-24
    reporter: This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/26113
    title: Slackware 12.0 : kdebase, kdelibs (SSA:2007-264-01)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2007-0905.NASL
    description: Updated kdebase packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager. These updated packages address the following vulnerabilities : Kees Huijgen found a flaw in the way KDM handled logins when autologin and
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 26951
    published: 2007-10-09
    reporter: This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/26951
    title: RHEL 4 / 5 : kdebase (RHSA-2007:0905)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2007-0905.NASL
    description: From Red Hat Security Advisory 2007:0905 : Updated kdebase packages that resolve several security flaws are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdebase packages provide the core applications for KDE, the K Desktop Environment. These core packages include Konqueror, the web browser and file manager. These updated packages address the following vulnerabilities : Kees Huijgen found a flaw in the way KDM handled logins when autologin and
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 67573
    published: 2013-07-12
    reporter: This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/67573
    title: Oracle Linux 4 / 5 : kdebase (ELSA-2007-0905)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2007-1700.NASL
    description: This update primarily addresses security issues around URL spoofing. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 27729
    published: 2007-11-06
    reporter: This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/27729
    title: Fedora 7 : kdebase-3.5.7-13.fc7 (2007-1700)

Oval

accepted: 2013-04-29T04:04:51.171-04:00
class: vulnerability
contributors
  • name: Aharon Chernin
    organization: SCAP.com, LLC
  • name: Dragos Prisaca
    organization: G2, Inc.
definition_extensions
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 4
    oval: oval:org.mitre.oval:def:11831
  • comment: CentOS Linux 4.x
    oval: oval:org.mitre.oval:def:16636
  • comment: Oracle Linux 4.x
    oval: oval:org.mitre.oval:def:15990
  • comment: The operating system installed on the system is Red Hat Enterprise Linux 5
    oval: oval:org.mitre.oval:def:11414
  • comment: The operating system installed on the system is CentOS Linux 5.x
    oval: oval:org.mitre.oval:def:15802
  • comment: Oracle Linux 5.x
    oval: oval:org.mitre.oval:def:15459
description: konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
family: unix
id: oval:org.mitre.oval:def:10345
status: accepted
submitted: 2010-07-09T03:56:16-04:00
title: konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed.
version: 27

Redhat

advisories
  • rhsa
    id: RHSA-2007:0905
  • rhsa
    id: RHSA-2007:0909
rpms
  • kdebase-6:3.3.1-6.el4
  • kdebase-6:3.5.4-15.el5
  • kdebase-debuginfo-6:3.3.1-6.el4
  • kdebase-debuginfo-6:3.5.4-15.el5
  • kdebase-devel-6:3.3.1-6.el4
  • kdebase-devel-6:3.5.4-15.el5
  • kdelibs-6:3.3.1-9.el4
  • kdelibs-6:3.5.4-13.el5
  • kdelibs-apidocs-6:3.5.4-13.el5
  • kdelibs-debuginfo-6:3.3.1-9.el4
  • kdelibs-debuginfo-6:3.5.4-13.el5
  • kdelibs-devel-6:3.3.1-9.el4
  • kdelibs-devel-6:3.5.4-13.el5

Statements

contributor: Mark J Cox
lastmodified: 2007-09-05
organization: Red Hat
statement: This issue did not affect Red Hat Enterprise Linux 2.1 or 3. For Red Hat Enterprise Linux 4 and 5, Red Hat is aware of this issue and is tracking it via the following bug: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=248537 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.