Executive Summary
Summary | |
---|---|
Title | New horde3 packages fix information disclosure |
Informations | |||
---|---|---|---|
Name | DSA-1519 | First vendor Publication | 2008-03-15 |
Vendor | Debian | Last vendor Modification | 2008-03-15 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:S/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 6 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 6.8 | Authentication | Requires single instance |
Calculate full CVSS 2.0 Vectors scores |
Detail
It was discovered that the Horde web application framework permits arbitrary file inclusion by a remote attacker through the theme preference parameter. The old stable distribution (sarge) this problem has been fixed in version 3.0.4-4sarge7. For the stable distribution (etch) this problem has been fixed in version 3.1.3-4etch3. For the unstable distribution (sid) this problem has been fixed in version 3.1.7-1. We recommend that you upgrade your horde3 package. |
Original Source
Url : http://www.debian.org/security/2008/dsa-1519 |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-3 | Using Leading 'Ghost' Character Sequences to Bypass Input Filters |
CAPEC-7 | Blind SQL Injection |
CAPEC-8 | Buffer Overflow in an API Call |
CAPEC-9 | Buffer Overflow in Local Command-Line Utilities |
CAPEC-10 | Buffer Overflow via Environment Variables |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-14 | Client-side Injection-induced Buffer Overflow |
CAPEC-18 | Embedding Scripts in Nonscript Elements |
CAPEC-22 | Exploiting Trust in Client (aka Make the Client Invisible) |
CAPEC-24 | Filter Failure through Buffer Overflow |
CAPEC-28 | Fuzzing |
CAPEC-31 | Accessing/Intercepting/Modifying HTTP Cookies |
CAPEC-32 | Embedding Scripts in HTTP Query Strings |
CAPEC-42 | MIME Conversion |
CAPEC-43 | Exploiting Multiple Input Interpretation Layers |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-46 | Overflow Variables and Tags |
CAPEC-47 | Buffer Overflow via Parameter Expansion |
CAPEC-52 | Embedding NULL Bytes |
CAPEC-53 | Postfix, Null Terminate, and Backslash |
CAPEC-63 | Simple Script Injection |
CAPEC-64 | Using Slashes and URL Encoding Combined to Bypass Validation Logic |
CAPEC-66 | SQL Injection |
CAPEC-67 | String Format Overflow in syslog() |
CAPEC-71 | Using Unicode Encoding to Bypass Validation Logic |
CAPEC-72 | URL Encoding |
CAPEC-73 | User-Controlled Filename |
CAPEC-78 | Using Escaped Slashes in Alternate Encoding |
CAPEC-79 | Using Slashes in Alternate Encoding |
CAPEC-80 | Using UTF-8 Encoding to Bypass Validation Logic |
CAPEC-81 | Web Logs Tampering |
CAPEC-83 | XPath Injection |
CAPEC-85 | Client Network Footprinting (using AJAX/XSS) |
CAPEC-86 | Embedding Script (XSS ) in HTTP Headers |
CAPEC-88 | OS Command Injection |
CAPEC-91 | XSS in IMG Tags |
CAPEC-99 | XML Parser Attack |
CAPEC-101 | Server Side Include (SSI) Injection |
CAPEC-104 | Cross Zone Scripting |
CAPEC-106 | Cross Site Scripting through Log Files |
CAPEC-108 | Command Line Execution through SQL Injection |
CAPEC-109 | Object Relational Mapping Injection |
CAPEC-110 | SQL Injection through SOAP Parameter Tampering |
CAPEC-171 | Variable Manipulation |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20302 | |||
Oval ID: | oval:org.mitre.oval:def:20302 | ||
Title: | DSA-1519-1 horde3 - information disclosure | ||
Description: | It was discovered that the Horde web application framework permits arbitrary file inclusion by a remote attacker through the <code>theme</code> preference parameter. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1519-1 CVE-2008-1284 | Version: | 5 |
Platform(s): | Debian GNU/Linux 4.0 | Product(s): | horde3 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:7854 | |||
Oval ID: | oval:org.mitre.oval:def:7854 | ||
Title: | DSA-1519 horde3 -- insufficient input sanitising | ||
Description: | It was discovered that the Horde web application framework permits arbitrary file inclusion by a remote attacker through the theme preference parameter. | ||
Family: | unix | Class: | patch |
Reference(s): | DSA-1519 CVE-2008-1284 | Version: | 3 |
Platform(s): | Debian GNU/Linux 4.0 Debian GNU/Linux 3.1 | Product(s): | horde3 |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-02-16 | Name : Fedora Update for horde FEDORA-2008-2362 File : nvt/gb_fedora_2008_2362_horde_fc8.nasl |
2009-02-16 | Name : Fedora Update for horde FEDORA-2008-2406 File : nvt/gb_fedora_2008_2406_horde_fc7.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200805-01 (horde) File : nvt/glsa_200805_01.nasl |
2008-03-19 | Name : Debian Security Advisory DSA 1519-1 (horde3) File : nvt/deb_1519_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42774 | Horde Multiple Products theme Parameter Traversal Local File Inclusion |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_horde-081119.nasl - Type : ACT_GATHER_INFO |
2008-11-25 | Name : The remote openSUSE host is missing a security update. File : suse_horde-5791.nasl - Type : ACT_GATHER_INFO |
2008-05-09 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200805-01.nasl - Type : ACT_GATHER_INFO |
2008-03-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1519.nasl - Type : ACT_GATHER_INFO |
2008-03-13 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2362.nasl - Type : ACT_GATHER_INFO |
2008-03-13 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2406.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:27:26 |
|