Family: Debian Local Security Checks --> Category: infos
[DSA1062] DSA-1062-1 kphone Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
Sven Dreyer discovered that KPhone, a Voice over IP client for KDE,
creates a configuration file world-readable, which could leak sensitive
information like SIP passwords.
The old stable distribution (woody) doesn't contain kphone packages.
For the stable distribution (sarge) this problem has been fixed in
For the unstable distribution (sid) this problem has been fixed in
We recommend that you upgrade your kphone package. If your current kphonerc
has too lax permissions, you'll need to reset them manually.
Solution : http://www.debian.org/security/2006/dsa-1062
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.