GLSA-200805-01 : Horde Application Framework: Multiple vulnerabilities

This script is Copyright (C) 2008-2014 Tenable Network Security, Inc.


Synopsis :

The remote Gentoo host is missing one or more security-related
patches.

Description :

The remote host is affected by the vulnerability described in GLSA-200805-01
(Horde Application Framework: Multiple vulnerabilities)

Multiple vulnerabilities have been reported in the Horde Application
Framework:
David Collins, Patrick Pelanne and the
HostGator.com LLC support team discovered that the theme preference
page does not sanitize POST variables for several options, allowing the
insertion of NULL bytes and '..' sequences (CVE-2008-1284).
An
error exists in the Horde API allowing users to bypass security
restrictions.

Impact :

The first vulnerability can be exploited by a remote attacker to read
arbitrary files and by remote authenticated attackers to execute
arbitrary files. The second vulnerability can be exploited by
authenticated remote attackers to perform restricted operations.

Workaround :

There is no known workaround at this time.

See also :

http://www.gentoo.org/security/en/glsa/glsa-200805-01.xml

Solution :

All Horde Application Framework users should upgrade to the latest
version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/horde-3.1.7'
All horde-groupware users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/horde-groupware-1.0.5'
All horde-kronolith users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/horde-kronolith-2.1.7'
All horde-mnemo users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/horde-mnemo-2.1.2'
All horde-nag users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/horde-nag-2.1.4'
All horde-webmail users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/horde-webmail-1.0.6'

Risk factor :

Medium / CVSS Base Score : 6.0
(CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P)

Family: Gentoo Local Security Checks

Nessus Plugin ID: 32149 (gentoo_GLSA-200805-01.nasl)

Bugtraq ID:

CVE ID: CVE-2008-1284