Debian DSA-1034-1 : horde2 - several vulnerabilities

high Nessus Plugin ID 22576

Synopsis

The remote Debian host is missing a security-related update.

Description

Several remote vulnerabilities have been discovered in the Horde web application framework, which may lead to the execution of arbitrary web script code. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2006-1260 Null characters in the URL parameter bypass a sanity check, which allowed remote attackers to read arbitrary files, which allowed information disclosure.

- CVE-2006-1491 User input in the help viewer was passed unsanitised to the eval() function, which allowed injection of arbitrary web code.

Solution

Upgrade the horde2 package.

The old stable distribution (woody) doesn't contain horde2 packages.

For the stable distribution (sarge) these problems have been fixed in version 2.2.8-1sarge2.

See Also

https://security-tracker.debian.org/tracker/CVE-2006-1260

https://security-tracker.debian.org/tracker/CVE-2006-1491

http://www.debian.org/security/2006/dsa-1034

Plugin Details

Severity: High

ID: 22576

File Name: debian_DSA-1034.nasl

Version: 1.17

Type: local

Agent: unix

Published: 10/14/2006

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:horde2, cpe:/o:debian:debian_linux:3.1

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/14/2006

Vulnerability Publication Date: 3/14/2006

Exploitable With

CANVAS (CANVAS)

Reference Information

CVE: CVE-2006-1260, CVE-2006-1491

DSA: 1034