[imp] Fwd: PCL-0001: Remote Vulnerability in HORDE MTA < 2.2.4

AJ aj at mindcrash.com
Wed Aug 13 15:34:52 PDT 2003


 From bugtraq....


>---------------------------
>PUCCIOLAB.ORG - ADVISORIES
><http://www.pucciolab.org>
>---------------------------
>
>PCL-0001: Remote Vulnerability in HORDE MTA < 2.2.4
>
>---------------------------------------------------------------------------
>PuCCiOLAB.ORG Security Advisories                      puccio at pucciolab.org
>http://www.pucciolab.org                          Vincenzo 'puccio' Ciaglia
>August 12th, 2003
>---------------------------------------------------------------------------
>
>Package        : Horde MTA
>Vulnerability  : access to private account without login
>Problem-Type   : remote
>Version        : All < 2.2.4
>Official Site  : http://horde.org/
>N° Advisories  : 0001
>
>***********************
>Description of problem
>************************
>An attacker could send an email to a victim who makes use of HORDE MTA in
>order to push them to visit a website. The website in question logs all
>accesses and describes in detail the origin of every victim.
>
>Example:
>-------------------
>MY STAT FOR MY WEBSITE - REFERENT DOMAIN
>HTTP://MYSITE.MYSOCIETY.NET/HORDE/IMP/MESSAGE.PHP?HORDE=FC235847D2C8A88190C879B290D12630&INDEX=XXX 
>
>
>In this example, the victim has viewed our website while reading the mail
>that we sent to them. Visiting the link recorded by our access counter,
>we will be able to reach the mail management page of the victim and will
>be able to read and send, calmly, their email without logging in. The
>session is closed after approximately 20 minutes and the hacker has the
>time to do as they please.
>
>*************************
>What could an attacker do?
>*************************
>Read, write and fake your e-mail. They could send, from your email address,
>a mail to your ISP and ask it for the user and pass of your website. The
>consequences would be catastrophic.
>
>*************************
>What can I do?
>*************************
>Upgrade your MTA Agent to version 2.2.4.
>
>Greetings,
>Vincenzo 'puccio' Ciaglia
>www.pucciolab.org
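
Added example, not part of the forwarded advisory and not Horde code: a log check for the reuse the advisory describes, flagging any session token in the request URL that was presented from more than one client address. It assumes Apache combined-format access logs and a 32-hex-digit `Horde` query parameter as in the advisory's example URL; the log lines and addresses are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl

# Apache "combined" format prefix: client address, timestamp, request line (assumed format)
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" \d{3} ')
SESSION_PARAM = "horde"  # parameter name taken from the advisory's example URL
TOKEN_RE = re.compile(r"[0-9A-Fa-f]{32}")  # token shape seen in that URL

def session_id(target):
    """Return the session token carried in the request's query string, or None."""
    for key, value in parse_qsl(urlsplit(target).query):
        if key.lower() == SESSION_PARAM and TOKEN_RE.fullmatch(value):
            return value.lower()  # normalise case so replays compare equal
    return None

def shared_sessions(lines):
    """Map each token presented by more than one client address to those addresses."""
    clients = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        sid = session_id(m.group("target"))
        if sid and m.group("ip") not in clients[sid]:
            clients[sid].append(m.group("ip"))  # keep first-seen order
    return {sid: ips for sid, ips in clients.items() if len(ips) > 1}

# Constructed sample: one user reads mail, then the same token arrives from elsewhere.
SAMPLE_LOG = [
    '192.0.2.10 - - [13/Aug/2003:10:01:12 -0700] "GET /horde/imp/message.php'
    '?Horde=0123456789abcdef0123456789abcdef&index=7 HTTP/1.1" 200 5120 "-" "UA"',
    '192.0.2.10 - - [13/Aug/2003:10:02:40 -0700] "GET /horde/imp/message.php'
    '?Horde=0123456789abcdef0123456789abcdef&index=8 HTTP/1.1" 200 4096 "-" "UA"',
    '203.0.113.77 - - [13/Aug/2003:10:06:03 -0700] "GET /horde/imp/message.php'
    '?HORDE=0123456789ABCDEF0123456789ABCDEF&INDEX=7 HTTP/1.1" 200 5120 "-" "UA"',
    '198.51.100.5 - - [13/Aug/2003:10:07:30 -0700] "GET /horde/imp/message.php'
    '?Horde=ffffffffffffffffffffffffffffffff&index=2 HTTP/1.1" 200 2048 "-" "UA"',
    'not a log line',
]

if __name__ == "__main__":
    for sid, ips in shared_sessions(SAMPLE_LOG).items():
        print(f"session {sid} used from {', '.join(ips)}")
```

Clients behind a proxy pool or on a changing address will also show up here, so treat a hit as a lead to check against timing and user agent rather than as proof.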


