OSV:DSA-459
Mar 10, 2004 - 12:00 a.m.

kdelibs - cookie path traversal

Google
osv.dev

EPSS: 0.011
Percentile: 84.1%

A vulnerability was discovered in KDE where the path restrictions on
cookies could be bypassed using encoded relative path components
(e.g., “/…/”). This means that a cookie which should only be sent by
the browser to an application running at /app1 could inadvertently be
included with a request sent to /app2 on the same server.
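
The following is an added illustration of this class of bug, not kdelibs code: a cookie path check that compares the raw request path next to one that canonicalizes the path first. The function names, the sample requests and the use of `%2e%2e` as the encoded parent-directory component are assumptions made for the example, and the request path is assumed to carry no query string.

```python
import posixpath
from urllib.parse import unquote

def naive_path_match(cookie_path, request_path):
    """Flawed: prefix test on the raw, still-encoded request path."""
    return request_path.startswith(cookie_path)

def canonical_path(request_path):
    """Percent-decode once, then resolve '.' and '..' segments, which is
    the path the server ends up serving."""
    decoded = unquote(request_path)
    return posixpath.normpath("/" + decoded.lstrip("/"))

def safe_path_match(cookie_path, request_path):
    """Compare on the canonical path and only at a segment boundary."""
    base = cookie_path.rstrip("/") or "/"
    req = canonical_path(request_path)
    return base == "/" or req == base or req.startswith(base + "/")

def find_leaks(cookie_path, request_paths):
    """Return the requests where the naive check would send the cookie
    but the canonical check would not."""
    return [p for p in request_paths
            if naive_path_match(cookie_path, p)
            and not safe_path_match(cookie_path, p)]

# Constructed sample requests (not taken from the advisory).
SAMPLE_REQUESTS = [
    "/app1/index.html",
    "/app1/%2e%2e/app2/report",
    "/app1/%2E%2E/app2/",
    "/app2/index.html",
]

if __name__ == "__main__":
    for path in SAMPLE_REQUESTS:
        print(f"{path:32} naive={naive_path_match('/app1', path)!s:5} "
              f"safe={safe_path_match('/app1', path)}")
    print("leaks:", find_leaks("/app1", SAMPLE_REQUESTS))
```
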

For the current stable distribution (woody) this problem has been
fixed in kdelibs version 4:2.2.2-6woody3 and kdelibs-crypto version
4:2.2.2-13.woody.9.

For the unstable distribution (sid) this problem was fixed in kdelibs
version 4:3.1.3-1.

We recommend that you update your kdelibs and kdelibs-crypto packages.
