Family: Mandrake Local Security Checks --> Category: infos
MDKSA-2003:079: kdelibs Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the kdelibs package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory MDKSA-2003:079 (kdelibs).
A vulnerability in Konqueror was discovered where it could inadvertently send
authentication credentials to websites other than the intended site in clear
text via the HTTP-referer header when authentication credentials are passed as
part of a URL in the form http://user:password@host/.
The provided packages have a patch that corrects this issue.
Solution : http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2003:079
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.