3 results (0.005 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

The Quick Connection dialog in Konversation 0.15 inadvertently uses the user-provided password as the nickname instead of the user-provided nickname when connecting to the IRC server, which could leak the password to other users. El diálogo de Conexión Rápidad en Konversation 0.15 usa inadvertidamente la contraseña suministrada por el usuario como el apodo en lugar del apodo suministrado por el usuario cuando se conecta a un servidor IRC, lo que podría filtrar la contraseña a otros usuarios. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/031033.html http://marc.info/?l=bugtraq&m=110626383310742&w=2 http://secunia.com/advisories/13919 http://secunia.com/advisories/13989 http://securitytracker.com/id?1012972 http://www.gentoo.org/security/en/glsa/glsa-200501-34.xml http://www.kde.org/info/security/advisory-20050121-1.txt http://www.securityfocus.com/bid/12312 https://exchange.xforce.ibmcloud.com/vulnerabilities/19038 •

CVSS: 7.5EPSS: 10%CPEs: 1EXPL: 1

The Quick Buttons feature in Konversation 0.15 allows remote attackers to execute certain IRC commands via a channel name containing "%" variables, which are recursively expanded by the Server::parseWildcards function when the Part Button is selected. La característica de Botones Rápidos en Konversation 0.15 permite atacantes remotos ejecutar ciertos comandos IRC mediante un nombre de canal conteniendo variables "%", con son expandidas recursivamente por la función Server::parseWildcards cuando el botón "Partir" está seleccionado. • https://www.exploit-db.com/exploits/25054 http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/031033.html http://marc.info/?l=bugtraq&m=110626383310742&w=2 http://secunia.com/advisories/13919 http://secunia.com/advisories/13989 http://securitytracker.com/id?1012972 http://www.gentoo.org/security/en/glsa/glsa-200501-34.xml http://www.kde.org/info/security/advisory-20050121-1.txt http://www.securityfocus.com/bid/12312 https://exchange.xforce.ibmcloud.com/vulne •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC scripts. Ciertos scripts Perl en Konversation 0.15 permiten a atacantes remotos ejecutar comandos mediante metacaractéres de shell en (1) nombres de canal o (2) nombres de canciones que no son entrecomillados adecuadamente cuando el usuario ejecuta scripts IRC. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-January/031033.html http://marc.info/?l=bugtraq&m=110626383310742&w=2 http://secunia.com/advisories/13919 http://secunia.com/advisories/13989 http://securitytracker.com/id?1012972 http://www.gentoo.org/security/en/glsa/glsa-200501-34.xml http://www.kde.org/info/security/advisory-20050121-1.txt http://www.securityfocus.com/bid/12312 https://exchange.xforce.ibmcloud.com/vulnerabilities/19008 •