CVE-2007-1564 – KDE Konqueror 3.x/IOSlave - FTP PASV Port-Scanning
https://notcve.org/view.php?id=CVE-2007-1564
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response. La implementación del protocolo FTP en Konqueror versión 3.5.5, permite a los servidores remotos forzar al cliente a conectarse a otros servidores, al realizar un escaneo de puertos proxy u obtener información confidencial mediante la especificación de una dirección de servidor alternativa en una respuesta PASV FTP. • https://www.exploit-db.com/exploits/29770 http://bindshell.net/papers/ftppasv/ftp-client-pasv-manipulation.pdf http://secunia.com/advisories/24889 http://secunia.com/advisories/27108 http://securitytracker.com/id?1017801 http://www.kde.org/info/security/advisory-20070326-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2007:072 http://www.novell.com/linux/security/advisories/2007_6_sr.html http://www.redhat.com/support/errata/RHSA-2007-0909.html http://www.secur • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2007-1565
https://notcve.org/view.php?id=CVE-2007-1565
Konqueror 3.5.5 allows remote attackers to cause a denial of service (crash) by using JavaScript to read a child iframe having an ftp:// URI. Konqueror 3.5.5 permite a atacantes remotos provocar una denegación de servicio (caída) usando JavaScript para leer un iframe hijo teniendo una ftp:// URI. • http://bindshell.net/papers/ftppasv/ftp-client-pasv-manipulation.pdf •
CVE-2007-1308 – KDE Konqueror 3.5 - JavaScript IFrame Denial of Service
https://notcve.org/view.php?id=CVE-2007-1308
ecma/kjs_html.cpp in KDE JavaScript (KJS), as used in Konqueror in KDE 3.5.5, allows remote attackers to cause a denial of service (crash) by accessing the content of an iframe with an ftp:// URI in the src attribute, probably due to a NULL pointer dereference. ecma/kjs_html.cpp en KDE JavaScript (KJS), como el usado en Konqueror en KDE 3.5.5, permite a atacantes remotos provocar una denegación de servicio (caída) accediendo al contenido de un iframe con un URL ftp:// en el atributo src, probablemente debido a una referencia a un puntero nulo. • https://www.exploit-db.com/exploits/29713 http://bindshell.net/advisories/konq355 http://bindshell.net/advisories/konq355/konq355-patch.diff http://lists.grok.org.uk/pipermail/full-disclosure/2007-March/052793.html http://secunia.com/advisories/27108 http://securityreason.com/securityalert/2345 http://www.mandriva.com/security/advisories?name=MDKSA-2007:054 http://www.redhat.com/support/errata/RHSA-2007-0909.html http://www.securityfocus.com/archive/1/461897/100/0/threaded http:/ • CWE-399: Resource Management Errors •
CVE-2007-0537 – konqueror XSS
https://notcve.org/view.php?id=CVE-2007-0537
The KDE HTML library (kdelibs), as used by Konqueror 3.5.5, does not properly parse HTML comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks and bypass some XSS protection schemes by embedding certain HTML tags within a comment in a title tag, a related issue to CVE-2007-0478. La biblioteca HTML KDE (kdelibs), como es usado en Konqueror versión 3.5.5, no analiza de manera apropiada los comentarios HTML, lo que permite a los atacantes remotos conducir ataques de tipo Cross-Site Scripting (XSS) y omitir algunos esquemas de protección XSS mediante la incorporación de ciertas etiquetas HTML en un comentario en una etiqueta title, un problema relacionado con CVE-2007-0478. • http://osvdb.org/32975 http://secunia.com/advisories/23932 http://secunia.com/advisories/24013 http://secunia.com/advisories/24065 http://secunia.com/advisories/24442 http://secunia.com/advisories/24463 http://secunia.com/advisories/24889 http://secunia.com/advisories/27108 http://securitytracker.com/id?1017591 http://www.gentoo.org/security/en/glsa/glsa-200703-10.xml http://www.kde.org/info/security/advisory-20070206-1.txt http://www.mandriva.com/security/advisories? • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •