[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#285128: CAN-2004-1165: FTP command injection bug

Package: konqueror
Version: 3.3.1
Tags: security
Severity: serious

CAN-2004-1165 is about a security hole in konqueror that allows
arbitrary ftp commands to be inserted in a URL via URL-encoded newlines.
Details about this hole are here:

The advisory says that it affects version >= 3.3.1, so perhaps our
3.2.3-1/2.3.3-1 in t-p-u/testing are not vulnerable. I've not checked.

see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to: