From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- metadata/glsa/glsa-200909-14.xml | 112 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 112 insertions(+) create mode 100644 metadata/glsa/glsa-200909-14.xml (limited to 'metadata/glsa/glsa-200909-14.xml') diff --git a/metadata/glsa/glsa-200909-14.xml b/metadata/glsa/glsa-200909-14.xml new file mode 100644 index 000000000000..7422ce6b886c --- /dev/null +++ b/metadata/glsa/glsa-200909-14.xml @@ -0,0 +1,112 @@ + + + + Horde: Multiple vulnerabilities + + Multiple vulnerabilities have been discovered in Horde and two modules, + allowing for the execution of arbitrary code, information disclosure, or + Cross-Site Scripting. + + horde horde-imp horde-passwd + 2009-09-12 + 2009-09-12: 01 + 256125 + 262976 + 262978 + 277294 + remote + + + 3.3.4 + 3.3.4 + + + 4.3.4 + 4.3.4 + + + 3.1.1 + 3.1.1 + + + +

+ Horde is a web application framework written in PHP. Horde IMP, the + "Internet Messaging Program", is a Webmail module and Horde Passwd is a + password changing module for Horde. +

+ + +

+ Multiple vulnerabilities have been discovered in Horde: +

+
    +
  • Gunnar Wrobel reported an input sanitation and directory traversal + flaw in framework/Image/Image.php, related to the "Horde_Image driver + name" (CVE-2009-0932).
    • +
  • Gunnar Wrobel reported that data sent + to horde/services/portal/cloud_search.php is not properly sanitized + before used in the output (CVE-2009-0931).
    • +
  • It was reported + that data sent to framework/Text_Filter/Filter/xss.php is not properly + sanitized before used in the output (CVE-2008-5917).
    • +

+ Horde Passwd: David Wharton reported that data sent via the "backend" + parameter to passwd/main.php is not properly sanitized before used in + the output (CVE-2009-2360). +

+

+ Horde IMP: Gunnar Wrobel reported that data sent to smime.php, pgp.php, + and message.php is not properly sanitized before used in the output + (CVE-2009-0930). +

+ + +

+ A remote authenticated attacker could exploit these vulnerabilities to + execute arbitrary PHP files on the server, or disclose the content of + arbitrary files, both only if the file is readable to the web server. A + remote authenticated attacker could conduct Cross-Site Scripting + attacks. NOTE: Some Cross-Site Scripting vectors are limited to the + usage of Microsoft Internet Explorer. +

+ + +

+ There is no known workaround at this time. +

+ + +

+ All Horde users should upgrade to the latest version: +

+ + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-apps/horde-3.3.4" +

+ All Horde IMP users should upgrade to the latest version: +

+ + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-apps/horde-imp-4.3.4" +

+ All Horde Passwd users should upgrade to the latest version: +

+ + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-apps/horde-passwd-3.1.1" + + + CVE-2008-5917 + CVE-2009-0930 + CVE-2009-0931 + CVE-2009-0932 + CVE-2009-2360 + + + a3li + + + a3li + + -- cgit v1.2.3