Lucene search
GoogleOSV:DSA-1062-1HistoryMay 19, 2006 - 12:00 a.m.
kphone - insecure file creation
2006-05-1900:00:00
Google
osv.dev
7
EPSS
0
Percentile
5.1%
Sven Dreyer discovered that KPhone, a Voice over IP client for KDE,
creates a configuration file world-readable, which could leak sensitive
information like SIP passwords.
The old stable distribution (woody) doesn’t contain kphone packages.
For the stable distribution (sarge) this problem has been fixed in
version 4.1.0-2sarge1.
For the unstable distribution (sid) this problem has been fixed in
version 4.2-6.
We recommend that you upgrade your kphone package. If your current kphonerc
has too lax permissions, you’ll need to reset them manually.
References
Related
debian
debian
[SECURITY] [DSA 1062-1] New kphone packages fix information disclosure
2006-05-19 18:45:21
ubuntucve
ubuntucve
CVE-2006-2442
2006-05-18 00:00:00
nessus
nessus
Debian DSA-1062-1 : kphone - insecure file creation
2006-10-14 00:00:00
Mandrake Linux Security Advisory : kphone (MDKSA-2006:089)
2006-05-27 00:00:00
cvelist
cvelist
CVE-2006-2442
2006-05-18 10:00:00
prion
prion
Design/Logic Flaw
2006-05-18 10:02:00
openvas
openvas
Debian Security Advisory DSA 1062-1 (kphone)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-1062-1)
2008-01-17 00:00:00
securityvulns
securityvulns
nvd
nvd
CVE-2006-2442
2006-05-18 10:02:00
cve
cve
CVE-2006-2442
2006-05-18 10:02:00