[gentoo-announce] [ GLSA 200911-01 ] Horde: Multiple vulnerabilities - gentoo-announce

From:	Alex Legler <a3li@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××××.uk, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200911-01 ] Horde: Multiple vulnerabilities
Date:	Fri, 06 Nov 2009 13:38:59
Message-Id:	`20091106143649.09ef2e48@mail.netloc.info`

1

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

2

Gentoo Linux Security Advisory                           GLSA 200911-01

3

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

4

                                            http://security.gentoo.org/

5

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

6

7

  Severity: Normal

8

     Title: Horde: Multiple vulnerabilities

9

      Date: November 06, 2009

10

      Bugs: #285052

11

        ID: 200911-01

12

13

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

14

15

Synopsis

16

========

17

18

Multiple vulnerabilities in the Horde Application Framework can allow

19

for arbitrary files to be overwritten and cross-site scripting attacks.

20

21

Background

22

==========

23

24

Horde is a web application framework written in PHP.

25

26

Affected packages

27

=================

28

29

    -------------------------------------------------------------------

30

     Package                   /  Vulnerable  /             Unaffected

31

    -------------------------------------------------------------------

32

  1  www-apps/horde                 < 3.3.5                   >= 3.3.5

33

  2  www-apps/horde-webmail         < 1.2.4                   >= 1.2.4

34

  3  www-apps/horde-groupware       < 1.2.4                   >= 1.2.4

35

    -------------------------------------------------------------------

36

     3 affected packages on all of their supported architectures.

37

    -------------------------------------------------------------------

38

39

Description

40

===========

41

42

Multiple vulnerabilities have been discovered in Horde:

43

44

* Stefan Esser of Sektion1 reported an error within the form library

45

  when handling image form fields (CVE-2009-3236).

46

47

* Martin Geisler and David Wharton reported that an error exists in

48

  the MIME viewer library when viewing unknown text parts and the

49

  preferences system in services/prefs.php when handling number

50

  preferences (CVE-2009-3237).

51

52

Impact

53

======

54

55

A remote authenticated attacker could exploit these vulnerabilities to

56

overwrite arbitrary files on the server, provided that the user has

57

write permissions. A remote authenticated attacker could conduct

58

Cross-Site Scripting attacks.

59

60

Workaround

61

==========

62

63

There is no known workaround at this time.

64

65

Resolution

66

==========

67

68

All Horde users should upgrade to the latest version:

69

70

    # emerge --sync

71

    # emerge --ask --oneshot --verbose =www-apps/horde-3.3.5

72

73

All Horde webmail users should upgrade to the latest version:

74

75

    # emerge --sync

76

    # emerge --ask --oneshot --verbose =www-apps/horde-webmail-1.2.4

77

78

All Horde groupware users should upgrade to the latest version:

79

80

    # emerge --sync

81

    # emerge --ask --oneshot --verbose =www-apps/horde-groupware-1.2.4

82

83

References

84

==========

85

86

  [ 1 ] CVE-2009-3236

87

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3236

88

  [ 2 ] CVE-2009-3237

89

        http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3237

90

91

Availability

92

============

93

94

This GLSA and any updates to it are available for viewing at

95

the Gentoo Security Website:

96

97

  http://security.gentoo.org/glsa/glsa-200911-01.xml

98

99

Concerns?

100

=========

101

102

Security is a primary focus of Gentoo Linux and ensuring the

103

confidentiality and security of our users machines is of utmost

104

importance to us. Any security concerns should be addressed to

105

security@g.o or alternatively, you may file a bug at

106

https://bugs.gentoo.org.

107

108

License

109

=======

110

111

Copyright 2009 Gentoo Foundation, Inc; referenced text

112

belongs to its owner(s).

113

114

The contents of this document are licensed under the

115

Creative Commons - Attribution / Share Alike license.

116

117

http://creativecommons.org/licenses/by-sa/2.5

Gentoo Archives: gentoo-announce

Attachments

1	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2	Gentoo Linux Security Advisory GLSA 200911-01
3	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
4	http://security.gentoo.org/
5	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
6
7	Severity: Normal
8	Title: Horde: Multiple vulnerabilities
9	Date: November 06, 2009
10	Bugs: #285052
11	ID: 200911-01
12
13	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
14
15	Synopsis
16	========
17
18	Multiple vulnerabilities in the Horde Application Framework can allow
19	for arbitrary files to be overwritten and cross-site scripting attacks.
20
21	Background
22	==========
23
24	Horde is a web application framework written in PHP.
25
26	Affected packages
27	=================
28
29	-------------------------------------------------------------------
30	Package / Vulnerable / Unaffected
31	-------------------------------------------------------------------
32	1 www-apps/horde < 3.3.5 >= 3.3.5
33	2 www-apps/horde-webmail < 1.2.4 >= 1.2.4
34	3 www-apps/horde-groupware < 1.2.4 >= 1.2.4
35	-------------------------------------------------------------------
36	3 affected packages on all of their supported architectures.
37	-------------------------------------------------------------------
38
39	Description
40	===========
41
42	Multiple vulnerabilities have been discovered in Horde:
43
44	* Stefan Esser of Sektion1 reported an error within the form library
45	when handling image form fields (CVE-2009-3236).
46
47	* Martin Geisler and David Wharton reported that an error exists in
48	the MIME viewer library when viewing unknown text parts and the
49	preferences system in services/prefs.php when handling number
50	preferences (CVE-2009-3237).
51
52	Impact
53	======
54
55	A remote authenticated attacker could exploit these vulnerabilities to
56	overwrite arbitrary files on the server, provided that the user has
57	write permissions. A remote authenticated attacker could conduct
58	Cross-Site Scripting attacks.
59
60	Workaround
61	==========
62
63	There is no known workaround at this time.
64
65	Resolution
66	==========
67
68	All Horde users should upgrade to the latest version:
69
70	# emerge --sync
71	# emerge --ask --oneshot --verbose =www-apps/horde-3.3.5
72
73	All Horde webmail users should upgrade to the latest version:
74
75	# emerge --sync
76	# emerge --ask --oneshot --verbose =www-apps/horde-webmail-1.2.4
77
78	All Horde groupware users should upgrade to the latest version:
79
80	# emerge --sync
81	# emerge --ask --oneshot --verbose =www-apps/horde-groupware-1.2.4
82
83	References
84	==========
85
86	[ 1 ] CVE-2009-3236
87	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3236
88	[ 2 ] CVE-2009-3237
89	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3237
90
91	Availability
92	============
93
94	This GLSA and any updates to it are available for viewing at
95	the Gentoo Security Website:
96
97	http://security.gentoo.org/glsa/glsa-200911-01.xml
98
99	Concerns?
100	=========
101
102	Security is a primary focus of Gentoo Linux and ensuring the
103	confidentiality and security of our users machines is of utmost
104	importance to us. Any security concerns should be addressed to
105	security@g.o or alternatively, you may file a bug at
106	https://bugs.gentoo.org.
107
108	License
109	=======
110
111	Copyright 2009 Gentoo Foundation, Inc; referenced text
112	belongs to its owner(s).
113
114	The contents of this document are licensed under the
115	Creative Commons - Attribution / Share Alike license.
116
117	http://creativecommons.org/licenses/by-sa/2.5