Comment 10 for bug 203456

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package horde3 - 3.1.4-1ubuntu0.1

---------------
horde3 (3.1.4-1ubuntu0.1) gutsy-security; urgency=low

  * SECURITY UPDATE: (LP: #203456)
   + Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5,
     and Groupware Webmail Edition before 1.0.6, when running with certain
     configurations, allows remote authenticated users to read and execute arbitrary
     files via ".." sequences and a null byte in the theme name.
     Fix directory traversal vulnerability in Registry.php which allows
     an attacker to read and execute arbitrary local files via crafted
     path sequences.

  * References
   + http://ftp.horde.org/pub/horde/patches/patch-horde-3.1.6-3.1.7.gz
   + http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-1284
   + http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=470640
   + http://www.debian.org/security/2008/dsa-1519

 -- Emanuele Gentili <email address hidden> Thu, 27 Mar 2008 14:03:40 +0100