exploits , vulnerabilities , articles , Horde Framework and IMP Cleanup Cron Script Arbitrary File Deletion Vulnerability

Title	Horde Framework and IMP Cleanup Cron Script Arbitrary File Deletion Vulnerability
Published	2007-03-15-12:00AM
Updated	2007-03-15-08:34PM
Class	Input Validation Error
CVE
Remote	No
Local	Yes
Credit	The discoverer of this vulnerability wishes to remain anonymous.
Vulnerable	Horde IMP 3.2.6 Horde IMP 3.2.1 Horde IMP 3.1 Horde IMP 3.0 Horde IMP 2.3.6 Horde IMP 2.2.8 Conectiva Linux 8.0 Conectiva Linux 7.0 Horde Horde 1.2.8 Horde IMP 2.0.9 Horde IMP 2.0.8 Horde IMP 2.0 PHP PHP 4.0.1 pl2 PHP PHP 4.0.1 PHP PHP 4.0 0 PHP PHP 3.0.16 Horde Framework 3.1.3 Horde Framework 3.0.4 Horde Framework 3.0
Not Vulnerable
Code	An attacker could exploit this issue by creating a file '/tmp/x /etc/passwd /tmpmswordx' and running the affected cron script. This will result in the deletion of '/tmp/x', '/etc/passwd', and '/tmp/mswordx'.
TXT

Vulnerabilities - newest 10 RSS | More

2008-12-04 Netrw Vim Script Information Disclosure Vulnerability
2008-12-04 Sun Java Web Start and Java Plug-in Multiple Privilege Escalation Vulnerabilities
2008-12-03 Adobe Acrobat 9 Unspecified PDF Document Encryption Weakness
2008-12-03 Ocean12 Mailing List Manager Gold SQL Injection and Cross Site Scripting Vulnerabilities
2008-12-03 IBM Rational ClearQuest Maintenance Tool Local Information Disclosure Vulnerability
2008-12-03 VMware Products Unspecified Host Memory Corruption Vulnerability
2008-12-03 IBM Rational ClearQuest Web Multiple Unspecified Cross Site Scripting Vulnerabilities
2008-12-02 RakhiSoftware Shopping Cart Multiple Remote Vulnerabilities
2008-12-02 Softbiz Classifieds Script Multiple Cross Site Scripting Vulnerabilities
2008-12-02 CodeToad ASP Shopping Cart Script Cross Site Scripting Vulnerability

SECURITY RSS FEEDS

Advertising

Copyright 2007, SecurityDot
Thu, 04 Dec 2008 17:26:54 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
3gpxxxhind dragon fab kanoon.mot Video sex xxxse x women sex cljps CMS is Fre kurdstanne Searching+ MDUresults xoopsgalle Lookin boy video sex 624 d-link blouse sex Tricha . Www.urduka www.arebia www.102030 www.slavij Http .www t667t Internacio www.gxcan. D Link t537t shakila se LDU CMS is Fre CMS is Fre free sexy dragon fab i5up.com www.bbw.co php-nuke 2 CMS is Fre t188t www.pics5. easymail xp sp2 exp dragon fab dragon fab mambo Remo t681t t229t topics www.nobles 23www free www.arebia