CVE-2005-3856

NameCVE-2005-3856
DescriptionThe Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs336169

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
krusader (PTS)jessie1:2.4.0~beta3-2fixed
stretch2:2.5.0-2fixed
buster2:2.7.1-1fixed
bullseye2:2.7.2-2fixed
bookworm2:2.8.0-1fixed
sid, trixie2:2.8.1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
krusadersourcesarge(not affected)
krusadersource(unstable)1.70.0-1low336169

Notes

This seems to be a dupe of CVE-2006-3816, pinged MITRE

Search for package or bug name: Reporting problems