RSS   Vulnerabilities for 'Krusader'   RSS

2006-07-25
 
CVE-2006-3816

 

 
Krusader 1.50-beta1 up to 1.70.0 stores passwords for remote connections in cleartext in the bookmark file (krbookmarks.xml), which allows attackers to steal passwords by obtaining the file.

 
2005-11-27
 
CVE-2005-3856

 

 
The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites.

 


Copyright 2019, cxsecurity.com

 

Back to Top