[imp] HELP!! bug in horde/imp

robert robert at gmx.li
Wed May 26 01:09:14 PDT 2004


Quoting sandra hernandez <sandra at fib.upc.es>:


> This bug had been reported on Jul 13, 2001 as you can see in
> http://www.securityfocus.com/bid/3067/info
>
> I don't know how to deny access, because there are files that have to be
> read by apache/horde/imp than contains sensitive data.
> Is there anyone that implement a solution for this problem?

This is NOT a bug in horde/imp, its the default behaviour of some imap
servers,
like uw imapd. I don't know why securityfocus lists this as a bug in horde, as
u can "exploit" that with any imap client. use another imap server and/or read
http://www.washington.edu/imap/IMAP-FAQs/index.html#5.1


More information about the imp mailing list