7 matches found
EUVD-2006-5434
Malware in sbrugna...
Gentoo Security Advisory GLSA 200611-22 (horde-ingo)
The remote host is missing updates announced in advisory GLSA 200611-22. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Ingo H3: Folder name shell command injection
Background Ingo H3 is a generic frontend for editing Sieve, procmail, maildrop and IMAP filter rules. Description Ingo H3 fails to properly escape shell metacharacters in procmail rules. Impact A remote authenticated attacker could craft a malicious rule which could lead to the execution of...
GLSA-200611-22 : Ingo H3: Folder name shell command injection
The remote host is affected by the vulnerability described in GLSA-200611-22 Ingo H3: Folder name shell command injection Ingo H3 fails to properly escape shell metacharacters in procmail rules. Impact : A remote authenticated attacker could craft a malicious rule which could lead to the executio...
CVE-2006-5449
procmail in Ingo H3 before 1.1.2 Horde module allows remote authenticated users to execute arbitrary commands via shell metacharacters in the mailbox destination of a filter rule...
CVE-2006-5449
CVE-2006-5449 affects Ingo H3 (Horde module) and allows remote authenticated users to execute arbitrary shell commands via metacharacters in the mailbox destination of a filter rule. The issue arises from inadequate escaping in procmail rule generation. Affected software is Ingo H3 up to version ...
CVE-2006-5449
procmail in Ingo H3 before 1.1.2 Horde module allows remote authenticated users to execute arbitrary commands via shell metacharacters in the mailbox destination of a filter rule...