Lucene search
AnonymousEDB-ID:29746HistoryMar 15, 2007 - 12:00 a.m.
Horde Framework and IMP 2.x/3.x - Cleanup Cron Script Arbitrary File Deletion
2007-03-1500:00:00
anonymous
www.exploit-db.com
12
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/22985/info
Horde Framework and IMP are prone to a vulnerability that allows a local attacker to delete arbitrary files in the context of the user running the application.
A successful attack can reduce the integrity of affected computers and may aid in further attacks.
An attacker could exploit this issue by creating a file '/tmp/x /etc/passwd /tmpmswordx' and running the affected cron script. This will result in the deletion of '/tmp/x', '/etc/passwd', and '/tmp/mswordx'. Related
cve
cve
CVE-2007-1474
2007-03-16 21:19:00
prion
prion
Design/Logic Flaw
2007-03-16 21:19:00
ubuntucve
ubuntucve
CVE-2007-1474
2007-03-16 00:00:00
cvelist
cvelist
CVE-2007-1474
2007-03-16 21:00:00
nvd
nvd
CVE-2007-1474
2007-03-16 21:19:00
osv
osv
horde3 - several vulnerabilities
2007-11-09 00:00:00
nessus
nessus
Debian DSA-1406-1 : horde3 - several vulnerabilities
2007-11-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1406-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1406-1 (horde3)
2008-01-17 00:00:00
debian
debian
[SECURITY] [DSA 1406-1] New horde3 packages fix several vulnerabilities
2007-11-09 22:47:35
securityvulns
securityvulns