Clear-text Password Storage in Krusader's Popular URL Capability

Clear-text Password Storage in Krusader's Popular URL Capability

CVE-2005-3856 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The Popular URL capability (popularurls.cpp) in Krusader 1.60.0 and 1.70.0-beta1 saves passwords in cleartext in the krusaderrc file when the user enters URLs containing passwords in the panel URL field, which might allow attackers to access other sites.

Learn more about our User Device Pen Test.