CVE-2005-3856

NameCVE-2005-3856
DescriptionThe Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
NVD severitymedium
Debian Bugs336169

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
krusader (PTS)stretch2:2.5.0-2fixed
buster2:2.7.1-1fixed
bookworm, sid, bullseye2:2.7.2-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
krusadersourcesarge(not affected)
krusadersource(unstable)1.70.0-1low336169

Notes

This seems to be a dupe of CVE-2006-3816, pinged MITRE
Search for package or bug name: Reporting problems