(Slackware Issues Fix) KDE Konqueror May Disclose URL-based Passwords to Remote Users Via the Referer Field
SecurityTracker Alert ID: 1007374
SecurityTracker URL: http://securitytracker.com/id/1007374
CVE Reference: CAN-2003-0459
Date: Aug 2 2003
Impact: Disclosure of authentication information
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): 3.1.2 and prior versions
Description:
An information disclosure vulnerability was reported in the KDE Konqueror web browser. The browser may leak URL-embedded authentication credentials through the HTTP Referer header.
It is reported that when a user enters credentials as part of the URL (in the form 'http://user:password@host/'), Konqueror includes that full URL, credentials and all, in the Referer header of requests it subsequently makes to other web sites, so the credentials for one site are disclosed to any other site the user navigates to or that the page embeds resources from.
The vendor indicates that Konqueror/Embedded is also vulnerable.
The following notification timeline is provided:
07/03/2003 Notification of security@kde.org by George Staikos
07/10/2003 Fixed in KDE CVS.
07/11/2003 OS vendors / binary package providers alerted and provided with patches.
07/29/2003 Public Security Advisory by the KDE Security team.
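As an added illustration, not part of this advisory or of KDE's own code, the following Python shows the issue described above from the defender's side: how a Referer value should be derived from a URL of the form http://user:password@host/ so that the userinfo part never leaves the browser (the behaviour the fix restores), and how the operator of the receiving site can scan access logs for Referer values that still carry credentials, which is how such a leak shows up on the far end. The log lines, host names and function names are constructed for the example.

```python
import re
from urllib.parse import urlsplit, urlunsplit


def leaky_referer(url: str) -> str:
    """The vulnerable behaviour: the URL the user navigated from is copied
    verbatim into the Referer header, userinfo (user:password@) included."""
    return url


def safe_referer(url: str) -> str:
    """Hardened behaviour: rebuild the URL without the userinfo part and
    without the fragment before it is sent as a Referer to another host."""
    parts = urlsplit(url)
    # Everything up to the last '@' in the authority is userinfo; keep only host[:port].
    netloc = parts.netloc.rpartition("@")[2]
    return urlunsplit((parts.scheme, netloc, parts.path, parts.query, ""))


# Apache/NCSA "combined" access log format (constructed regex for this example).
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]*)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<ref>[^"]*)" "(?P<ua>[^"]*)"$'
)


def referer_leaks(log_lines):
    """Return one finding per log line whose Referer carries userinfo.
    The password itself is never copied into the finding; the referer is
    reported in redacted form so the report does not re-leak it."""
    findings = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        ref = m.group("ref")
        if ref == "-":
            continue  # no Referer sent
        parts = urlsplit(ref)
        if parts.username is None:
            continue  # ordinary referer, nothing embedded
        findings.append({
            "client": m.group("client"),
            "timestamp": m.group("ts"),
            "origin_host": parts.hostname,      # the site whose credentials leaked
            "username": parts.username,
            "redacted_referer": safe_referer(ref),
            "user_agent": m.group("ua"),
        })
    return findings


# Constructed sample log of a third-party site receiving requests from a
# browser that embeds URL credentials in the Referer (first line only).
SAMPLE_LOG = [
    '10.0.0.5 - - [01/Aug/2003:15:15:51 -0700] "GET /ads/banner.gif HTTP/1.1" 200 4312 '
    '"http://alice:s3cret@intranet.example/reports/q3" "Mozilla/5.0 (compatible; Konqueror/3.1)"',
    '10.0.0.9 - - [01/Aug/2003:15:16:02 -0700] "GET /index.html HTTP/1.1" 200 1024 '
    '"http://www.example.org/links" "Mozilla/5.0 (compatible; Konqueror/3.1)"',
    '10.0.0.7 - - [01/Aug/2003:15:16:30 -0700] "GET /style.css HTTP/1.1" 304 0 '
    '"-" "Mozilla/5.0 (compatible; Konqueror/3.1)"',
]


if __name__ == "__main__":
    src = "http://alice:s3cret@intranet.example/reports/q3?id=7#top"
    print("leaky :", leaky_referer(src))
    print("safe  :", safe_referer(src))
    for f in referer_leaks(SAMPLE_LOG):
        print("leak from", f["client"], "exposes user", f["username"],
              "of", f["origin_host"], "via", f["redacted_referer"])
```

The scanner keys on the presence of userinfo in the Referer's authority rather than on any particular browser string, so it also catches other clients with the same defect; a positive hit means the credentials for origin_host should be treated as exposed to whoever operates the logging site and rotated.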
Impact:
A remote user may be able to obtain the target user's authentication credentials by monitoring the HTTP Referer field.
Solution:
Slackware has released a fix for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kde/*.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kdei/*.tgz
Vendor URL: www.kde.org/info/security/advisory-20030729-1.txt
Cause:
Access control error, State error
Underlying OS:
Linux (Slackware)
Message History:
This archive entry is a follow-up to the message listed below.
Source Message Contents
Date: Fri, 1 Aug 2003 17:05:11 -0700 (PDT)
Subject: [slackware-security] KDE packages updated (SSA:2003-213-01)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
[slackware-security] KDE packages updated (SSA:2003-213-01)
New KDE packages are available for Slackware 9.0. These address a
security issue where Konqueror may leak authentication credentials.
Here are the details from the Slackware 9.0 ChangeLog:
+--------------------------+
Fri Aug 1 15:15:51 PDT 2003
patches/packages/kde/*: Upgraded to KDE 3.1.3.
Note that this update addresses a security problem in Konqueror which may
cause authentication credentials to be leaked to an unintended website
through the HTTP-referer header when they have been entered into Konqueror
as a URL of the form:
http://user:password@host/
For more information about this issue, please see the KDE advisory:
http://www.kde.org/info/security/advisory-20030729-1.txt
We recommend that sites running KDE install this update.
(* Security fix *)
patches/packages/kdei/*: New internationalization packages for KDE 3.1.3.
+--------------------------+
WHERE TO FIND THE NEW PACKAGES:
+-----------------------------+
Updated packages for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kde/*.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/kdei/*.tgz
These packages are signed with our GPG key:
http://slackware.com/gpg-key
INSTALLATION INSTRUCTIONS:
+------------------------+
Upgrade using upgradepkg (as root):
upgradepkg *.tgz
+-----+
Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com
+------------------------------------------------------------------------+
| HOW TO REMOVE YOURSELF FROM THIS MAILING LIST: |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message: |
| |
| unsubscribe slackware-security |
| |
| You will get a confirmation message back. Follow the instructions to |
| complete the unsubscription. Do not reply to this message to |
| unsubscribe! |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/Kv5QakRjwEAQIjMRAmmbAJ0YeK5WuUjzQkkCt72O4R5yRkrVigCdHqWo
1EbU2zkcVZFkZmUSPYtbbpU=
=c8IL
-----END PGP SIGNATURE-----