MidnightBSD

Advisories for krusader

CVE-2005-3856 MEDIUM

The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
krusader krusader 1.60.0
krusader krusader 1.70.0_beta1
CVE-2006-3816 HIGH

Krusader 1.50-beta1 up to 1.70.0 stores passwords for remote connections in cleartext in the bookmark file (krbookmarks.xml), which allows attackers to steal passwords by obtaining the file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
krusader krusader 1.50_beta1
krusader krusader 1.70.0
krusader krusader 1.60.0
krusader krusader 1.70.0_beta1