Описание
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2007-1564
- https://issues.rpath.com/browse/RPL-1201
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10646
- http://bindshell.net/papers/ftppasv/ftp-client-pasv-manipulation.pdf
- http://secunia.com/advisories/24889
- http://secunia.com/advisories/27108
- http://securitytracker.com/id?1017801
- http://www.kde.org/info/security/advisory-20070326-1.txt
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:072
- http://www.novell.com/linux/security/advisories/2007_6_sr.html
- http://www.redhat.com/support/errata/RHSA-2007-0909.html
- http://www.securityfocus.com/bid/23091
- http://www.ubuntu.com/usn/usn-447-1
- http://www.vupen.com/english/advisories/2007/1076
Связанные уязвимости
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
The FTP protocol implementation in Konqueror 3.5.5 allows remote serve ...
ELSA-2007-0909: Moderate: kdelibs security update (MODERATE)