Package: kdelibs Version: 3.2.3-2 Severity: grave The KIOSlave FTP client is vulnerable to the same exploit as Internet Explorer:
http://lists.netsys.com/pipermail/full-disclosure/2004-December/030229.html Anything that can pass an FTP URL to it, i.e. a malicious website viewed in Konqueror, can cause it to send mail without user interaction. A proposed, untested patch is attached. -- Ian Gulliver Penguin Hosting "Failure is not an option; it comes bundled with your Microsoft products."
--- kdelibs-3.2.3/kioslave/ftp/ftp.cc 2004-02-15 16:15:27.000000000 -0500
+++ kdelibs-3.2.3-ftp-fixed/kioslave/ftp/ftp.cc 2004-12-25 00:44:27.000000000
-0500
@@ -652,6 +652,9 @@
{
assert( sControl > 0 );
+ if (cmd.find('\r') != -1 || cmd.find('\n') != -1)
+ return false;
+
QCString buf = cmd;
buf += "\r\n";
signature.asc
Description: Digital signature
