CVE-2005-3856

Name	CVE-2005-3856
Description	The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severity	medium
Debian Bugs	336169

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
krusader (PTS)	stretch	2:2.5.0-2	fixed
	buster	2:2.7.1-1	fixed
	bullseye, sid	2:2.7.2-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
krusader	source	sarge	(not affected)
krusader	source	(unstable)	1.70.0-1	low		336169

This seems to be a dupe of CVE-2006-3816, pinged MITRE