CVE-2007-1564 - Computer security: vulnerabilities and exploits database

[EN] securityvulns.ru
no-pyccku

CVE CVE-2007-1564
Status Candidate
Description The FTP protocol implementation in Konqueror 3.5.5 allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response.
Severity Medium
CVSS score 5,6
CVSS vector (AV:R/AC:H/Au:NR/C:P/I:P/A:P/B:N)
Phase Assigned (21.03.2007)
NVD: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1564
References BID : 23091
CONFIRM : http://www.kde.org/info/security/advisory-20070326...
CONFIRM : https://issues.rpath.com/browse/RPL-1201
FRSIRT : ADV-2007-1076
MANDRIVA : MDKSA-2007:072
MISC : http://bindshell.net/papers/ftppasv/ftp-client-pas...
SECTRACK : 1017801
SECUNIA : 24889
SUSE : SUSE-SR:2007:006
UBUNTU : USN-447-1
SecurityVulns: Multiple FTP clients FTP bounce attack