ISS X-Force Database: horde-help-viewer-command-execution(25516): Horde Application Framework help viewer command execution

Horde Application Framework help viewer command execution

horde-help-viewer-command-execution (25516)

Medium Risk

Description:

Horde Application Framework could allow a remote attacker to execute commands on the system, caused by improper validation of unspecified variables by the help viewer. A remote attacker could exploit this vulnerability to execute arbitrary commands on the system with privileges of the Web server process.

Platforms Affected:

Debian, Debian Linux 3.1
Gentoo, Linux
Horde, Horde prior to 3.0.10
Horde, Horde prior to 3.1.1

Remedy:

Upgrade to the latest version of Horde Application Framework (3.1.1 or 3.0.10) or apply the patches available from the Horde Web site. See References.

For Debian GNU/Linux (horde3):
Refer to DSA-1033-1 for patch, upgrade, or suggested workaround information. See References.

For Debian GNU/Linux (horde2):
Refer to DSA-1034-1 for patch, upgrade, or suggested workaround information. See References.

For Gentoo Linux:
Refer to Gentoo Linux Security Announcement GLSA 2006-04-02 for patch, upgrade, or suggested workaround information. See References.

Consequences:

Gain Access

References:

Horde announce Mailing List, Tue Mar 28 05:27:27 PST 2006, Horde 3.1.1 (final) at http://lists.horde.org/archives/announce/2006/000271.html.
Horde announce Mailing List, Tue Mar 28 05:45:09 PST 2006, Horde 3.0.10 (final) at http://lists.horde.org/archives/announce/2006/000272.html.
Horde Web site, The Horde Application Framework at http://www.horde.org/horde/.
BID-17292: Horde Help Viewer Remote PHP Code Execution Vulnerability
CVE-2006-1491: Eval injection vulnerability in Horde Application Framework versions 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to execute arbitrary code via the help viewer.
DSA-1033: horde3 -- several vulnerabilities
DSA-1034: horde2 -- several vulnerabilities
GLSA-200604-02: Horde Application Framework: Remote code execution
SA19485: Horde Help Viewer "module" PHP Code Execution Vulnerability
SECTRACK ID: 1015841: Horde Application Framework Bug Lets Remote Users Execute Arbitrary Code
SUSE-SR:2006:007: SUSE Security Summary Report
VUPEN/ADV-2006-1154: Horde Application Framework Remote Command Execution Vulnerability

Reported:

Mar 29, 2006

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page