Vulnerabilities > CVE-2001-1258 - Local 'prefs.lang' vulnerability in Horde IMP
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 7 |
Nessus
| NASL family | Debian Local Security Checks |
| NASL id | DEBIAN_DSA-073.NASL |
| description | The Horde team released version 2.2.6 of IMP (a web-based IMAP mail program) which fixes three security problems. Their release announcement describes them as follows : - A PHPLIB vulnerability allowed an attacker to provide a value for the array element $_PHPLIB[libdir], and thus to get scripts from another server to load and execute. This vulnerability is remotely exploitable. (Horde 1.2.x ships with its own customized version of PHPLIB, which has now been patched to prevent this problem.) - By using tricky encodings of |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 14910 |
| published | 2004-09-29 |
| reporter | This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/14910 |
| title | Debian DSA-073-1 : imp - 3 remote exploits |
References
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000410
- http://online.securityfocus.com/archive/1/198495
- http://www.caldera.com/support/security/advisories/CSSA-2001-027.0.txt
- http://www.debian.org/security/2001/dsa-073
- http://www.iss.net/security_center/static/6906.php
- http://www.securityfocus.com/bid/3083