322 matches found
Horde IMP 2.2.x - Session Hijacking
Horde IMP 2.2.x - Session Hijacking source: https://www.securityfocus.com/bid/3525/info IMP is a powerful web-based mail interface/client developed by members of the Horde project. Encoded HTML tags are not stripped from requests to access 'status.php3'. It is possible for a remote attacker to...
CVE-2001-0744
Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file...
CVE-2001-0744
Summary: CVE-2001-0744 affects Horde IMP 2.2.4 and earlier. The vulnerability arises from a symlink attack on a temporary file that allows local users to overwrite files. The impact is limited to local integrity (partial) with no confidentiality or availability impact stated, according to the pro...
[SECURITY] [DSA-073-1] 3 security problems in imp
Package : imp Problem type : 3 remote exploits Debian-specific: no The Horde team released version 2.2.6 of IMP a web based IMAP mail program which fixes three security problems. Their release announcement describes them as follows: 1. A PHPLIB vulnerability allowed an attacker to provide a value...
IMP 2.2.6 (SECURITY) released
The Horde team announces the availability of IMP 2.2.6, which fixes three potential security issues. We strongly recommend that all sites running IMP 2.2.x upgrade to this version. 1 A PHPLIB vulnerability allowed an attacker to provide a value for the array element $PHPLIBlibdir, and thus to get...
Дырка в Horde IMP (code execution)
Неинициализированные PHP-переменные позволяют выполнение скрипта заданного атакующим. Кроме того есть другие уязвимости...
Horde 1.2.x/2.1.3 and Imp 2.2.x/3.1.2 - File Disclosure
source: https://www.securityfocus.com/bid/3067/info A vulnerability has been discovered in Horde Imp which may allow an attacker to access arbitrary system files. The issue occurs due to insufficient sanity checks on user-supplied URI parameters. By specifying a malicious INBOX file in a request,...
Horde 1.2.x2.1.3 and Imp 2.2.x3.1.2 - File Disclosure
Horde 1.2.x2.1.3 and Imp 2.2.x3.1.2 - File Disclosure source: https://www.securityfocus.com/bid/3067/info A vulnerability has been discovered in Horde Imp which may allow an attacker to access arbitrary system files. The issue occurs due to insufficient sanity checks on user-supplied URI...
CVE-2000-0911
IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachmentname hidden form variable, which causes IMP to send the file to the attacker as an attachment...
CVE-2000-0911
CVE-2000-0911 affects IMP 2.2 and earlier. The vulnerability arises from modifying the hidden attachment_name form variable, enabling an attacker to read and delete arbitrary files by causing IMP to send the targeted file to the attacker as an attachment. The available sources confirm the affecte...
CVE-2000-0911
IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachmentname hidden form variable, which causes IMP to send the file to the attacker as an attachment...
CVE-2000-0459
IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request...
CVE-2000-0459
The CVE-2000-0459 issue affects IMP with the MSWordView process. The root cause is that IMP does not remove files properly when MSWordView quits, allowing a local attacker to cause a denial of service by depleting disk space through repeated requests for a large number of documents and an early t...
CVE-2000-0458
CVE-2000-0458 affects the MSWordView application in IMP, which creates world-readable files in the /tmp directory. This allows other local users to read potentially sensitive information. The publicly reported details indicate a local-privilege-confidentiality exposure due to insecure temporary f...
Horde library Bug part 2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Horde Library $from Bug part 2 + How to exploit with IMP and Sendmail Description: The Fix of the first detected problem with the $from variable in the horde library was just escaping shellchars which avoids directly executing commands. It is still...
(SRADV00003) Arbitrary file disclosure through IMP
================================================= Secure Reality Pty Ltd. Security Advisory 3 SRADV00003 http://www.securereality.com.au ================================================= Title Arbitrary file disclosure through IMP Released 12/09/2000 Vulnerable Most all? versions of IMP 2.2.1...
Дырка в IMP
Имя временного файла хранится как скрытое поле формы, что позволяет получить доступ к любому файлу на сервере...
Дырки в IMP
IMP/MSWordView сохраняет временные файлы, содержащие документы Word. Это позволяет любому желающему подсмотреть эти файлы, кроме того возможна отака на отказ путем создания большого числа файлов...
horde.txt
Date: Fri, 8 Sep 2000 17:03:36 +0200 Sender: Bugtraq List From: "Winter, Christian" Subject: horde library bug - unchecked from-address To: [email protected] Hi, this bug we discovered recently. HORDE 1.2.0 $from-bug and how to exploit with IMP 2.2.0 Disclaimer: This is intended as a pape...
[SECURITY] New version of horde and imp released
Package : horde and imp Problem type : remote exploit Debian-specific: no imp as distributed in Debian GNU/Linux 2.2 suffered from insufficient checking of user supplied data: the IMP webmail interface did not check the $from variable which contains the sender address for shell metacharacters. Th...