[horde] HELP!! disclosure of files that contains sensitive data

sandra hernandez sandra at fib.upc.es
Tue May 25 09:26:50 PDT 2004


Hi,

I recently discovered a problem with our horde/imp implementation.
Anyone can disclose any file that has read permissions for
user-www/other with the horde/imp applications. The person who wants to
access it only has to log in to imp, and then change the URL to something
like this:

https://machine/horde/imp/mailbox.php?mailbox=/etc/passwd&actionID=000&Horde=xxxxxx
(where xxxxxx is the session identifier)

This bug was reported on Jul 13, 2001, as you can see at
http://www.securityfocus.com/bid/3067/info

I don't know how to deny access, because there are files that have to be
read by apache/horde/imp that contain sensitive data.
Has anyone implemented a solution for this problem?

Any help would be very appreciated.

Sandra
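The post describes a `mailbox` parameter that is passed straight to the filesystem. The defensive pattern for this class of bug is to validate the parameter against what a mailbox name can legitimately look like before it ever reaches a file call, and to watch the web server log for requests whose value fails that check. The block below is an added example, not code from the original post or from the Horde/IMP project (which is written in PHP; the same logic would go into the PHP handler). The mailbox-name rule, the log format and the log lines are constructed assumptions for illustration.

```python
"""Added example (not from the post or from Horde/IMP): validate an IMP-style
mailbox parameter so it cannot name a local file, and scan Apache access-log
lines for mailbox.php requests whose mailbox value fails that validation."""
import re
from urllib.parse import parse_qs, urlparse

# Assumption (not from the post): legitimate mailbox names are IMAP folder
# names made of letters, digits, ".", "_", "-", spaces and "/" hierarchy
# delimiters. They never start with a path prefix and never contain "..".
MAILBOX_RE = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9._ /-]{0,127}$")

# Apache combined log format: client, ident, user, [time], "METHOD target proto", status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines; the IPs and session id are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [25/May/2004:09:20:01 -0700] "GET /horde/imp/mailbox.php?mailbox=INBOX&actionID=000&Horde=abc123 HTTP/1.1" 200 5120',
    '192.0.2.11 - - [25/May/2004:09:21:45 -0700] "GET /horde/imp/mailbox.php?mailbox=/etc/passwd&actionID=000&Horde=abc123 HTTP/1.1" 200 1820',
    '192.0.2.12 - - [25/May/2004:09:22:10 -0700] "GET /horde/imp/mailbox.php?mailbox=INBOX.Sent&actionID=000&Horde=abc123 HTTP/1.1" 200 4096',
    '192.0.2.13 - - [25/May/2004:09:23:33 -0700] "GET /horde/imp/mailbox.php?mailbox=INBOX/../../etc/passwd&actionID=000&Horde=abc123 HTTP/1.1" 200 1820',
    '192.0.2.14 - - [25/May/2004:09:24:02 -0700] "GET /horde/imp/folders.php?actionID=000&Horde=abc123 HTTP/1.1" 200 3000',
]


def is_valid_mailbox(name: str) -> bool:
    """Accept only names that cannot be interpreted as a local file path."""
    if not name or "\x00" in name:
        return False
    if name.startswith(("/", "\\", "~")):
        return False  # absolute path or home-directory shorthand
    if ".." in name:
        return False  # conservative: reject any parent-directory sequence
    return MAILBOX_RE.match(name) is not None


def suspicious_mailbox_requests(log_lines):
    """Return (client_ip, mailbox_value) for mailbox.php hits that fail validation.

    parse_qs percent-decodes the query, so encoded and plain variants of the
    same value are judged identically.
    """
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlparse(m.group("target"))
        if not url.path.endswith("/mailbox.php"):
            continue
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get("mailbox", []):
            if not is_valid_mailbox(value):
                hits.append((m.group("ip"), value))
    return hits


if __name__ == "__main__":
    for ip, mailbox in suspicious_mailbox_requests(SAMPLE_LOG):
        print(f"rejected mailbox value from {ip}: {mailbox!r}")
```

The allowlist approach is the important part: rather than trying to enumerate every dangerous string, the handler accepts only values that match the shape of a real folder name and refuses everything else before any filesystem access happens. The same `is_valid_mailbox` check can run in the application at request time and over historical logs to find out whether the hole was already used.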
