CVE-2005-3856 : The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1

The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites.

Published 2005-11-27 20:03:00

Updated 2025-04-03 01:03:51

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2005-3856

Krusader » Krusader » Version: 1.60.0
cpe:2.3:a:krusader:krusader:1.60.0:*:*:*:*:*:*:*
Matching versions
Krusader » Krusader » Version: 1.70.0 Beta1
cpe:2.3:a:krusader:krusader:1.70.0_beta1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2005-3856

EPSS FAQ

0.36%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 55 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2005-3856

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.0	MEDIUM	AV:N/AC:L/Au:S/C:P/I:N/A:N	8.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None

References for CVE-2005-3856

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336169

#336169 - krusader: Security hole in Popular URL-s - Debian Bug report logs
Patch;Vendor Advisory
http://www.krusader.org/phpBB/viewtopic.php?t=1368

404 Not Found
Patch
http://www.krusader.org/phpBB/viewtopic.php?t=1367

404 Not Found
Vendor Advisory

Jump to

Vulnerability Details : CVE-2005-3856

Products affected by CVE-2005-3856

Exploit prediction scoring system (EPSS) score for CVE-2005-3856

CVSS scores for CVE-2005-3856

References for CVE-2005-3856