FreeBSD : kronolith -- arbitrary local file inclusion vulnerability (a8af7d70-8007-11db-b280-0008743bf21a)
High Nessus Plugin ID 23744
Synopsis: The remote FreeBSD host is missing a security-related update.
Description: iDefense Labs reports:
Remote exploitation of a design error in Horde's Kronolith could allow an authenticated web mail user to execute arbitrary PHP code under the security context of the running web server.
The vulnerability specifically exists due to a design error in the way it includes certain files. Specifically, the 'lib/FBView.php' file contains a function 'Kronolith_FreeBusy_View::factory' which will include local files that are supplied via the 'view' HTTP GET request parameter.
Solution: Update the affected package.