[dev] Fwd: PCL-0001: Remote Vulnerability in HORDE MTA < 2.2.4

Rick Emery rick at emery.homelinux.net
Wed Aug 13 17:04:42 PDT 2003 

Did this person bother to contact a horde developer before posting this to the
public bugtraq list?

----- Forwarded message from puccio at pucciolab.org -----
    Date: Wed, 13 Aug 2003 23:26:18 +0200
    From: Vincenzo 'puccio' Ciaglia <puccio at pucciolab.org>
Reply-To: Vincenzo 'puccio' Ciaglia <puccio at pucciolab.org>
 Subject: PCL-0001: Remote Vulnerability in HORDE MTA < 2.2.4
      To: bugtraq at securityfocus.com

---------------------------
PUCCIOLAB.ORG - ADVISORIES
<http://www.pucciolab.org>
---------------------------

PCL-0001: Remote Vulnerability in HORDE MTA < 2.2.4

---------------------------------------------------------------------------
PuCCiOLAB.ORG Security Advisories                      puccio at pucciolab.org
http://www.pucciolab.org                          Vincenzo 'puccio' Ciaglia
August 12th, 2003
---------------------------------------------------------------------------

Package        : Horde MTA
Vulnerability  : access to private account without login
Problem-Type   : remote
Version        : All < 2.2.4
Official Site  : http://horde.org/
N° Advisories  : 0001

***********************
Description of problem
************************
An attacker could send an email to the victim who ago use of HORDE MTA in order
to push it to visit a website. The website in issue log all the accesses and
describe in the particular the origin of every victim.

Example:
-------------------
MY STAT FOR MY WEBSITE - REFERENT DOMAIN
HTTP://MYSITE.MYSOCIETY.NET/HORDE/IMP/MESSAGE.PHP?HORDE=FC235847D2C8A88190C879B290D12630&INDEX=XXX

In this example, the victim has visualized our website reading the mail that we
have sent to it. Visiting the link marked from our counter of accesses, we will
be able to approach the page of management of the mail of the victim and will
be able to read and to send, calmly, its email without to make the login.The
session comes sluice after approximately 20 minutes and the hacker it has the
time to make its comfortable ones.

*************************
What could make a attacker?
*************************
Read, write and fake your e-mail. Could send , from you email address, a mail to
your ISP and ask it User e PASS of your website.The consequences would be
catastrophic

*************************
What I can do ?
*************************
Upgrade your MTA Agent to 2.2.4 version.

Greet,
Vincenzo 'puccio' Ciaglia
www.pucciolab.org


----- End forwarded message -----

More information about the dev mailing list