CVE-2001-1257
CVSS 7.5
Published: 2001-07-21 00:00:00
Revised: 2011-03-07 21:07:03

[Original] Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email.

[CNNVD] Horde IMP Encoded Cross-Site Scripting Vulnerability (CNNVD-200107-152)

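CVE(CAN) ID: CAN-2001-1257

IMP is a powerful web-based mail client developed by members of the Horde project. The Horde application framework provides support for preferences, compression, browser detection, connection tracking, and similar functions.

Web users may use this mail client to send e-mail containing malicious JavaScript commands, which are then executed by the browser of the user who receives the e-mail.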

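- CVSS (Base Score)

CVSS score: 7.5 [Severe (HIGH)]
Confidentiality impact: PARTIAL [likely to cause information disclosure]
Integrity impact: PARTIAL [may allow system files to be modified]
Availability impact: PARTIAL [may cause reduced performance or interrupted access to resources]
Attack complexity: LOW [exploitation has no access restrictions]
Attack vector: [--]
Authentication: NONE [exploitation requires no authentication]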

- CPE (Affected platforms and products)

cpe:/a:horde:imp:2.0    Horde IMP 2.0
cpe:/a:horde:imp:2.2.2  Horde IMP 2.2.2
cpe:/a:horde:imp:2.2.3  Horde IMP 2.2.3
cpe:/a:horde:imp:2.2.1  Horde IMP 2.2.1
cpe:/a:horde:imp:2.2    Horde IMP 2.2
cpe:/a:horde:imp:2.2.5  Horde IMP 2.2.5
cpe:/a:horde:imp:2.2.4  Horde IMP 2.2.4

- OVAL (Technical details for detection)

No related OVAL definitions found

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1257
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2001-1257
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200107-152
(Official data source) CNNVD

- Other links and resources

http://www.debian.org/security/2001/dsa-073
(VENDOR_ADVISORY)  DEBIAN  DSA-073
http://online.securityfocus.com/archive/1/198495
(VENDOR_ADVISORY)  CONFIRM  http://online.securityfocus.com/archive/1/198495
http://www.securityfocus.com/bid/3082
(UNKNOWN)  BID  3082
http://www.iss.net/security_center/static/6905.php
(UNKNOWN)  XF  imp-cross-site-scripting(6905)
http://www.caldera.com/support/security/advisories/CSSA-2001-027.0.txt
(UNKNOWN)  CALDERA  CSSA-2001-027.0
http://online.securityfocus.com/archive/1/198495
(UNKNOWN)  CONFIRM  http://online.securityfocus.com/archive/1/198495
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000410
(UNKNOWN)  CONECTIVA  CLA-2001:410

- Vulnerability information

Horde IMP Encoded Cross-Site Scripting Vulnerability
High risk  Input validation
2001-07-21 00:00:00 2005-10-20 00:00:00
Remote

- Advisories and patches

Upgrade to the latest version.

Vendor patches:

The vendor has released new versions that fix this issue:

Conectiva Linux:

ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/horde-1.2.6-1U41_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.1/SRPMS/imp-2.2.6-1U41_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.1/noarch/horde-1.2.6-1U41_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/4.1/noarch/horde-mysql-1.2.6-1U41_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/4.1/noarch/horde-shm-1.2.6-1U41_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/4.1/noarch/horde-pgsql-1.2.6-1U41_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/4.1/noarch/imp-2.2.6-1U41_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/horde-1.2.6-1U42_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/SRPMS/imp-2.2.6-1U42_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/4.2/noarch/horde-1.2.6-1U42_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/4.2/noarch/horde-shm-1.2.6-1U42_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/4.2/noarch/horde-mysql-1.2.6-1U42_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/4.2/noarch/horde-pgsql-1.2.6-1U42_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/4.2/noarch/imp-2.2.6-1U42_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/horde-1.2.6-1U50_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/imp-2.2.6-1U50_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.0/noarch/horde-mysql-1.2.6-1U50_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/5.0/noarch/horde-1.2.6-1U50_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/5.0/noarch/horde-shm-1.2.6-1U50_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/5.0/noarch/horde-pgsql-1.2.6-1U50_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/5.0/noarch/imp-2.2.6-1U50_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/horde-1.2.6-1U51_1cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/SRPMS/imp-2.2.6-1U51_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/5.1/noarch/horde-pgsql-1.2.6-1U51_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/5.1/noarch/horde-1.2.6-1U51_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/5.1/noarch/horde-mysql-1.2.6-1U51_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/5.1/noarch/horde-shm-1.2.6-1U51_1cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/5.1/noarch/imp-2.2.6-1U51_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/imp-2.2.6-1U60_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/SRPMS/horde-1.2.6-1U60_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/horde-mysql-1.2.6-1U60_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/horde-1.2.6-1U60_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/horde-shm-1.2.6-1U60_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/imp-2.2.6-1U60_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/6.0/RPMS/horde-pgsql-1.2.6-1U60_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/horde-1.2.6-1U70_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/imp-2.2.6-1U70_2cl.src.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/imp-2.2.6-1U70_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/horde-mysql-1.2.6-1U70_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/horde-pgsql-1.2.6-1U70_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/horde-shm-1.2.6-1U70_2cl.noarch.rpm
ftp://atualizacoes.conectiva.com.br/7.0/RPMS/horde-1.2.6-1U70_2cl.noarch.rpm

- Vulnerability information

9290
Horde IMP Email XSS
Remote / Network Access Input Manipulation
Loss of Integrity Upgrade
Vendor Verified

- Vulnerability description

- Timeline

2001-07-21 Unknown
Unknown Unknown

- Solution

Upgrade to version 2.2.6, 1.2.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

- Related references

- Vulnerability author

Unknown or Incomplete

- Vulnerability information

Horde IMP Encoded Cross-Agent Scripting Vulnerability
Input Validation Error 3082
Yes No
2001-07-21 12:00:00 2009-07-11 06:56:00
This vulnerability was discovered by Nick Cleaton <nick@cleaton.net> and submitted to BugTraq on July 21st, 2001 by "Brent J. Nordquist" <bjn@horde.org>.

- Affected software versions

Horde Project IMP 2.2.5
+ Caldera OpenLinux Server 3.1
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
+ Horde Project Horde 1.2.5
Horde Project IMP 2.2.4
+ Caldera OpenLinux Server 3.1
+ Horde Project Horde 1.2.4
Horde Project IMP 2.2.3
+ Horde Project Horde 1.2.3
Horde Project IMP 2.2.2
+ Horde Project Horde 1.2.2
Horde Project IMP 2.2.1
+ Horde Project Horde 1.2.1
Horde Project IMP 2.2
+ Horde Project Horde 1.2
Horde Project IMP 2.0
- PHP PHP 4.0.1 pl2
- PHP PHP 4.0.1
- PHP PHP 4.0 0
- PHP PHP 3.0.16
Horde Project IMP 2.2.6
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Debian Linux 2.2
+ Horde Project Horde 1.2.6

- Unaffected software versions

Horde Project IMP 2.2.6
- Conectiva Linux 7.0
- Conectiva Linux 6.0
- Conectiva Linux 5.1
- Conectiva Linux 5.0
- Debian Linux 2.2
+ Horde Project Horde 1.2.6

- Vulnerability discussion

IMP is a powerful web-based mail interface/client developed by members of the Horde project. Horde Application Framework provides support for dealing with things like preferences, compression, browser detection, connection tracking, etc.

Web users may use the webmail interface to send E-mail containing malicious JavaScript commands. The malicious commands will be executed in the browser of the user receiving the e-mail.

- Exploit

Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- Solution

The vendor has addressed this issue in newer versions. Upgrades are also available.

Note, the Caldera Linux advisory states:
---
If horde was activated in the apache module "/etc/httpd/modules/mod_php4_horde.conf" you will have to reconfigure it by changing "deny from all" to "allow from all".

Do not run "/usr/lib(exec)/horde/horde.setup" if you already have started the script before the update. If you run the script again, all passwords will be changed back to the default value and you will have to change them manually in "/home/httpd/html/horde/imp/config/defaults.php3" and "/home/httpd/phplib/local.inc"
---


Horde Project IMP 2.0

Horde Project IMP 2.2

Horde Project IMP 2.2.1

Horde Project IMP 2.2.2

Horde Project IMP 2.2.3

Horde Project IMP 2.2.4

Horde Project IMP 2.2.5

- Related references
