CVE-2011-1094 – kdelibs: SSL certificate for IP address accepted as valid for hosts that resolve to the IP
https://notcve.org/view.php?id=CVE-2011-1094
kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not properly verify that the server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a certificate issued by a legitimate Certification Authority for an IP address, a different vulnerability than CVE-2009-2702. kio/kio/tcpslavebase.cpp de KDE KSSL de kdelibs en versiones anteriores a la 4.6.1 no verifica apropiadamente que el nombre del servidor sea el mismo que el nombre de domino del subjeto de un certificado X.509, lo que permite a atacantes man-in-the-middle suplantar servidores SSL de su elección a través de un certificado suministrado por una autoridad de certificación legítima para una dirección IP. Una vulnerabilidad distinta a la CVE-2009-2702. • http://openwall.com/lists/oss-security/2011/03/08/13 http://openwall.com/lists/oss-security/2011/03/08/20 http://secunia.com/advisories/44108 http://www.mandriva.com/security/advisories?name=MDVSA-2011:071 http://www.securityfocus.com/bid/46789 http://www.ubuntu.com/usn/USN-1110-1 http://www.vupen.com/english/advisories/2011/0913 http://www.vupen.com/english/advisories/2011/0990 https://exchange.xforce.ibmcloud.com/vulnerabilities/65986 https://projects.kde.org/ • CWE-20: Improper Input Validation •
CVE-2009-2702
https://notcve.org/view.php?id=CVE-2009-2702
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority, a related issue to CVE-2009-2408. KDE KSSL en kdelibs v3.5.4, v4.2.4, y v4.3 no maneja apropiadamente un carácter '\0' en un nombre de dominio en el campo Nombre de Asunto Alternativo de un certificado X.509, lo que permite a los atacantes "hombre en el medio" suplantar un servidor SLL a través de certificados manipulados emitido por una Autoridad Certificadora legítima, un asunto relativo a CVE-2009-2408. • http://secunia.com/advisories/36468 http://www.mandriva.com/security/advisories?name=MDVSA-2009:330 http://www.mandriva.com/security/advisories?name=MDVSA-2011:162 http://www.vupen.com/english/advisories/2009/2532 https://bugzilla.redhat.com/show_bug.cgi?id=520661 • CWE-310: Cryptographic Issues •
CVE-2006-4811
https://notcve.org/view.php?id=CVE-2006-4811
Integer overflow in Qt 3.3 before 3.3.7, 4.1 before 4.1.5, and 4.2 before 4.2.1, as used in the KDE khtml library, kdelibs 3.1.3, and possibly other packages, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted pixmap image. El desbordamiento de enteros en el Qt 3.3 versiones anteriores a 3.3.7, 4.1 anteriores a 4.1.5, y 4.2 anteriores a 4.2.1, como el usado en la librería KDE khtml, kdelibs 3.1.3, y, posiblemente otros paquetes, permite a los atacantes remotos causar la denegación de servicio (caída) y la posibilidad de ejecutar código de su elección mediante una imagen pixmap manipulada. • ftp://patches.sgi.com/support/free/security/advisories/20061002-01-P ftp://patches.sgi.com/support/free/security/advisories/20061101-01-P http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=210742 http://lists.suse.com/archive/suse-security-announce/2006-Oct/0006.html http://secunia.com/advisories/22380 http://secunia.com/advisories/22397 http://secunia.com/advisories/22479 http://secunia.com/advisories/22485 http://secunia.com/advisories/22492 http://secunia.com/advisories/2 • CWE-189: Numeric Errors •
CVE-2004-1165 – KDE FTP - KIOSlave URI Arbitrary FTP Server Command Execution
https://notcve.org/view.php?id=CVE-2004-1165
Konqueror 3.3.1 allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command. • https://www.exploit-db.com/exploits/24801 http://marc.info/?l=bugtraq&m=110245752232681&w=2 http://www.debian.org/security/2005/dsa-631 http://www.gentoo.org/security/en/glsa/glsa-200501-18.xml http://www.mandriva.com/security/advisories?name=MDKSA-2005:045 http://www.redhat.com/support/errata/RHSA-2005-009.html http://www.redhat.com/support/errata/RHSA-2005-065.html https://exchange.xforce.ibmcloud.com/vulnerabilities/18384 https://oval.cisecurity.org/repository/search •
CVE-2003-0459
https://notcve.org/view.php?id=CVE-2003-0459
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites. KDE Konqueror de KDE 3.1.2 y anteriores no elimina los credenciales de autenticación de URLs de la forma "usuario:contraseña@máquina" en la cabecera HTTP-Referer, lo que podría permitir a sitios web remotos robar las credenciales de páginas que enlazan a esos sitios. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000747 http://lists.grok.org.uk/pipermail/full-disclosure/2003-July/007300.html http://marc.info/?l=bugtraq&m=105986238428061&w=2 http://www.debian.org/security/2003/dsa-361 http://www.kde.org/info/security/advisory-20030729-1.txt http://www.mandriva.com/security/advisories?name=MDKSA-2003:079 http://www.redhat.com/support/errata/RHSA-2003-235.html http://www.redhat.com/support/errata/RHSA-2003-236.html http:& •