eGroupWare JiNN Arbitrary File Access

2004-11-06T04:59:37
ID OSVDB:11494
Type osvdb
Reporter OSVDB
Modified 2004-11-06T04:59:37

Description

Vulnerability Description

JiNN contains a flaw that may allow an attacker to download arbitrary files. No further details have been provided.

Solution Description

Upgrade to version 0.8.203 of JiNN, 1.0.00.006 of eGroupWare, or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

JiNN contains a flaw that may allow an attacker to download arbitrary files. No further details have been provided.

References:

Vendor URL: http://www.egroupware.org/ Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?group_id=78745&release_id=280695 Vendor Specific News/Changelog Entry: http://cvs.sourceforge.net/viewcvs.py/egroupware/jinn/CHANGELOG?view=markup Vendor Specific Advisory URL Security Tracker: 1012118 Secunia Advisory ID:13110