[gentoo-announce] [ GLSA 200911-01 ] Horde: Multiple vulnerabilities

[news 28]

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Gentoo Linux Security Advisory GLSA 200911-01

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

http://security.gentoo.org/

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 

Severity: Normal

Title: Horde: Multiple vulnerabilities

Date: November 06, 2009

Bugs: #285052

ID: 200911-01

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 

Synopsis

========

 

Multiple vulnerabilities in the Horde Application Framework can allow

for arbitrary files to be overwritten and cross-site scripting attacks.

 

Background

==========

 

Horde is a web application framework written in PHP.

 

Affected packages

=================

 

-------------------------------------------------------------------

Package / Vulnerable / Unaffected

-------------------------------------------------------------------

1 www-apps/horde < 3.3.5 >= 3.3.5

2 www-apps/horde-webmail < 1.2.4 >= 1.2.4

3 www-apps/horde-groupware < 1.2.4 >= 1.2.4

-------------------------------------------------------------------

3 affected packages on all of their supported architectures.

-------------------------------------------------------------------

 

Description

===========

 

Multiple vulnerabilities have been discovered in Horde:

 

* Stefan Esser of Sektion1 reported an error within the form library

when handling image form fields (CVE-2009-3236).

 

* Martin Geisler and David Wharton reported that an error exists in

the MIME viewer library when viewing unknown text parts and the

preferences system in services/prefs.php when handling number

preferences (CVE-2009-3237).

 

Impact

======

 

A remote authenticated attacker could exploit these vulnerabilities to

overwrite arbitrary files on the server, provided that the user has

write permissions. A remote authenticated attacker could conduct

Cross-Site Scripting attacks.

 

Workaround

==========

 

There is no known workaround at this time.

 

Resolution

==========

 

All Horde users should upgrade to the latest version:

 

# emerge --sync

# emerge --ask --oneshot --verbose =www-apps/horde-3.3.5

 

All Horde webmail users should upgrade to the latest version:

 

# emerge --sync

# emerge --ask --oneshot --verbose =www-apps/horde-webmail-1.2.4

 

All Horde groupware users should upgrade to the latest version:

 

# emerge --sync

# emerge --ask --oneshot --verbose =www-apps/horde-groupware-1.2.4

 

References

==========

 

[ 1 ] CVE-2009-3236

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3236

[ 2 ] CVE-2009-3237

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3237

 

Availability

============

 

This GLSA and any updates to it are available for viewing at

the Gentoo Security Website:

 

http://security.gentoo.org/glsa/glsa-200911-01.xml

 

Concerns?

=========

 

Security is a primary focus of Gentoo Linux and ensuring the

confidentiality and security of our users machines is of utmost

importance to us. Any security concerns should be addressed to

security ( -at -) gentoo.org or alternatively, you may file a bug at

https://bugs.gentoo.org.

 

License

=======

 

Copyright 2009 Gentoo Foundation, Inc; referenced text

belongs to its owner(s).

 

The contents of this document are licensed under the

Creative Commons - Attribution / Share Alike license.

 

http://creativecommons.org/licenses/by-sa/2.5