Horde Imp Webmail status.php3 message Parameter XSS

The remote server is running IMP 2.2.7. Such versions are potentially affected by a cross-site scripting attack which can be used by an attacker to hijack a victim's IMP session. Nessus solely relied on the version number of your installation, so if you applied the hotfix already, consider this...

Horde IMP 2.2.x - Session Hijacking

source: https://www.securityfocus.com/bid/3525/info IMP is a powerful web-based mail interface/client developed by members of the Horde project. Encoded HTML tags are not stripped from requests to access 'status.php3'. It is possible for a remote attacker to construct a link which when clicked wi...

Horde IMP 2.2.x - Session Hijacking

Horde IMP 2.2.x - Session Hijacking source: https://www.securityfocus.com/bid/3525/info IMP is a powerful web-based mail interface/client developed by members of the Horde project. Encoded HTML tags are not stripped from requests to access 'status.php3'. It is possible for a remote attacker to...

CVE-2001-0744

Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file...

CVE-2001-0744

Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file...

CVE-2001-0744

Summary: CVE-2001-0744 affects Horde IMP 2.2.4 and earlier. The vulnerability arises from a symlink attack on a temporary file that allows local users to overwrite files. The impact is limited to local integrity (partial) with no confidentiality or availability impact stated, according to the pro...

Дырка в Horde IMP (code execution)

Неинициализированные PHP-переменные позволяют выполнение скрипта заданного атакующим. Кроме того есть другие уязвимости...

CVE-2001-1257

Cross-site scripting vulnerability in Horde Internet Messaging Program IMP before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email...

CVE-2001-1258

Horde Internet Messaging Program IMP before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server...

Horde 1.2.x/2.1.3 and Imp 2.2.x/3.1.2 - File Disclosure

source: https://www.securityfocus.com/bid/3067/info A vulnerability has been discovered in Horde Imp which may allow an attacker to access arbitrary system files. The issue occurs due to insufficient sanity checks on user-supplied URI parameters. By specifying a malicious INBOX file in a request,...

Horde 1.2.x2.1.3 and Imp 2.2.x3.1.2 - File Disclosure

Horde 1.2.x2.1.3 and Imp 2.2.x3.1.2 - File Disclosure source: https://www.securityfocus.com/bid/3067/info A vulnerability has been discovered in Horde Imp which may allow an attacker to access arbitrary system files. The issue occurs due to insufficient sanity checks on user-supplied URI...

CVE-2000-0910

Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "from" address...

CVE-2000-0910

Affected software: Horde library 1.02. Vulnerability: arbitrary commands can be executed via shell metacharacters in the from address. Root cause: lack of proper sanitization of shell metacharacters in the From field. Impact: potential remote code execution as implied by command execution in the ...

CVE-2000-0910

Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "from" address...

Дырка в библиотеке horde

При обработке поля From: не проверяется наличие метасимволов, что позволяет вставить шелл-команды в письмо...

Horde library Bug part 2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Horde Library $from Bug part 2 + How to exploit with IMP and Sendmail Description: The Fix of the first detected problem with the $from variable in the horde library was just escaping shellchars which avoids directly executing commands. It is still...

horde-imp.txt

Hi, this bug we discovered recently. HORDE 1.2.0 $from-bug and how to exploit with IMP 2.2.0 Disclaimer: This is intended as a paper for sysadmins who want to secure their systems. It is NOT a how to for scriptkiddies to run any attack on a IMP-using site. The authors of this text will not be hel...

horde.txt

Date: Fri, 8 Sep 2000 17:03:36 +0200 Sender: Bugtraq List From: "Winter, Christian" Subject: horde library bug - unchecked from-address To: [email protected] Hi, this bug we discovered recently. HORDE 1.2.0 $from-bug and how to exploit with IMP 2.2.0 Disclaimer: This is intended as a pape...

[SECURITY] New version of horde and imp released

Package : horde and imp Problem type : remote exploit Debian-specific: no imp as distributed in Debian GNU/Linux 2.2 suffered from insufficient checking of user supplied data: the IMP webmail interface did not check the $from variable which contains the sender address for shell metacharacters. Th...

[SECURITY] New version of horde and imp released

------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman September 10, 2000 - ------------------------------------------------------------------------ Package : horde and imp Problem type...