Red Hat Bugzilla – Bug 192202
CVE-2006-2442 kphone information disclosure flaw
Last modified: 2007-11-30 17:11:33 EST
kphone 4.2 creates .qt/kphonerc with world-readable permissions, which
allows local users to read usernames and SIP passwords.
This Debian bug has more information:
This issue should also affect kphone in FE 4
I will apply the patch from the debian bug report today.