[Frugalware-security] [ FSA-358 ] horde-webmail

voroskoi noreply at frugalware.org
Mon Jan 21 21:18:12 CET 2008



Frugalware Security Advisory                           FSA-358

Date: 2008-01-21
Package: horde-webmail
Vulnerable versions: <= 1.0.1-3
Unaffected versions: >= 1.0.1-4sayshell1
Related bugreport: http://bugs.frugalware.org/task/2693
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018

Description
===========

Secunia Research has discovered a vulnerability in IMP Webmail Client and Horde Groupware Webmail Edition that can be exploited by malicious people to bypass certain security restrictions and manipulate data.
The HTML filter does not filter out frame and frameset HTML elements. Additionally, the application carries out certain actions in response to HTTP requests without any check that the logged-in user actually intended the request. This can be exploited to (a) delete an arbitrary number of e-mail messages by referencing their numeric IDs and (b) purge deleted mails, when the victim opens a malicious HTML mail.
Successful exploitation requires that the victim opens the HTML part of a malicious message.
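As an added illustration (not Horde's or IMP's own code), the following Python sketch shows the two defensive measures the description implies: an HTML filter that drops frame and frameset elements before the HTML part of a message is rendered, and a per-session token that a delete or purge request must carry before the mailbox action is honoured. The session dict, the "token" parameter name and the "csrf_token" key are assumptions made for the example.

```python
import hmac
import secrets
from html import escape
from html.parser import HTMLParser
BLOCKED_CONTAINERS = {"frameset"}  # has content: tracked with a depth counter
BLOCKED_VOID = {"frame"}           # void element: no closing tag, just dropped

class FrameStrippingFilter(HTMLParser):
    """Re-emits the HTML it is fed, omitting frame/frameset elements entirely."""
    def __init__(self):
        super().__init__()  # convert_charrefs=True: text arrives decoded
        self.out, self.depth = [], 0  # depth > 0 while inside a blocked container

    @staticmethod
    def _attrs(attrs):
        return "".join(f' {k}="{escape(v)}"' if v is not None else f" {k}"
                       for k, v in attrs)

    def handle_starttag(self, tag, attrs):
        if tag in BLOCKED_CONTAINERS:
            self.depth += 1
        elif tag not in BLOCKED_VOID and not self.depth:
            self.out.append(f"<{tag}{self._attrs(attrs)}>")

    def handle_endtag(self, tag):
        if tag in BLOCKED_CONTAINERS:
            self.depth = max(self.depth - 1, 0)
        elif tag not in BLOCKED_VOID and not self.depth:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.depth:
            self.out.append(escape(data, quote=False))  # re-escape decoded text

def filter_html(untrusted_html: str) -> str:
    # Filter the HTML part of a message before it is rendered to the user.
    f = FrameStrippingFilter()
    f.feed(untrusted_html)
    f.close()
    return "".join(f.out)

def new_request_token(session: dict) -> str:
    """Per-session secret that state-changing requests must echo back (assumed key)."""
    session["csrf_token"] = secrets.token_hex(16)
    return session["csrf_token"]

def authorize_mailbox_action(session: dict, params: dict) -> bool:
    """Honour a delete/purge request only if it carries the session's token."""
    expected = session.get("csrf_token")
    return bool(expected) and hmac.compare_digest(expected, params.get("token", ""))
```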

Updated Packages
================

Check if you have horde-webmail installed:

	# pacman-g2 -Q horde-webmail

If found, then you should upgrade to the latest version:

	# pacman-g2 -Sy horde-webmail
