This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated kdelibs packages that resolve several security flaws are now
available for Red Hat Enterprise Linux 4 and 5.
This update has been rated as having moderate security impact by the
Red Hat Security Response Team.
The kdelibs package provides libraries for the K Desktop Environment
Two cross-site-scripting flaws were found in the way Konqueror
processes certain HTML content. This could result in a malicious
attacker presenting misleading content to an unsuspecting user.
A flaw was found in the way Konqueror handled certain FTP PASV
commands. A malicious FTP server could use this flaw to perform a
rudimentary port-scan of machines behind a user's firewall.
Two Konqueror address spoofing flaws have been discovered. It was
possible for a malicious website to cause the Konqueror address bar to
display information which could trick a user into believing they are
at a different website than they actually are. (CVE-2007-3820,
Users of KDE should upgrade to these updated packages, which contain
backported patches to correct these issues.
See also :
Update the affected kdelibs, kdelibs-apidocs and / or kdelibs-devel
Risk factor :
Medium / CVSS Base Score : 6.8