Hi,
CVE-2014-3800 was assigned now for the issue that mode 0644 is used
for the file containing the password, see [1].
[1] http://www.openwall.com/lists/oss-security/2014/05/20/5
Regards,
Salvatore
___
pkg-multimedia-maintainers mailing list
Processing control commands:
found -1 2:11.0~git20120510.82388d5-1
Bug #747428 [xbmc] [xbmc] passwords are stored in plain xml file
Marked as found in versions xbmc/2:11.0~git20120510.82388d5-1.
tags -1 confirmed
Bug #747428 [xbmc] [xbmc] passwords are stored in plain xml file
Added tag(s)
Control: found -1 2:11.0~git20120510.82388d5-1
Control: tags -1 confirmed
2014-05-08 16:41 GMT+02:00 Adrien Grellier pe...@adrieng.fr:
Package: xbmc
Version: 2:13.0+dfsg1-1
Severity: grave
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
Hi,
I just add a webdav
Package: xbmc
Version: 2:13.0+dfsg1-1
Severity: grave
Tags: security
X-Debbugs-CC: secure-testing-t...@lists.alioth.debian.org
Hi,
I just add a webdav source in xbmc, so it asks for a username and password. But
these informations are then stored in a plain XML file: