kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-02-05T19:00:00

Updated: 2024-08-06T15:27:39.169Z

Reserved: 2013-02-19T00:00:00

Link: CVE-2013-2074

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-02-05T19:55:28.703

Modified: 2024-11-21T01:50:59.087

Link: CVE-2013-2074

cve-icon Redhat

Severity : Low

Publid Date: 2013-05-06T00:00:00Z

Links: CVE-2013-2074 - Bugzilla