Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
http://www.securityfocus.com/bid/3083
http://www.iss.net/security_center/static/6906.php
http://www.caldera.com/support/security/advisories/CSSA-2001-027.0.txt
http://online.securityfocus.com/archive/1/198495
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000410