FTP Implementation Flaw in Konqueror 3.5.5 Exposes Users to Remote Attacks
CVE-2007-1564

Currently unrated

Key Information:

Vendor

Kde

Status
Konqueror
Vendor
CVE Published:
21 March 2007

What is CVE-2007-1564?

The FTP protocol implementation in Konqueror 3.5.5 presents a security flaw that enables remote servers to manipulate client connections. By specifying a different server address in the FTP PASV response, attackers can coerce the client into connecting to unauthorized servers. This exploitation allows attackers to conduct proxied port scans, gaining potential access to sensitive information and increasing the risk of data breaches.

References

http://www.redhat.com/support/errata/RHSA-2007-0909.html
vendor-advisoryx_refsource_REDHAT
https://issues.rpath.com/browse/RPL-1201
x_refsource_CONFIRM
http://secunia.com/advisories/24889
third-party-advisoryx_refsource_SECUNIA

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.