Package: kdelibs4c2a Version: 4:3.5.5a.dfsg.1-5 Severity: grave Tags: security patch Justification: user security hole
The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in a FTP PASV command. http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1564 This issue have ben addressed in the -7 upload. /Sune -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
