-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : imp SUMMARY : SQL code injection vulnerability DATE : 2003-07-08 11:00:00 ID : CLA-2003:690 RELEVANT RELEASES : 7.0, 8 - ------------------------------------------------------------------------- DESCRIPTION Imp[1] is a webmail system which uses the Horde framework. Jouko Pynnonen reported[3] that the Imp webmail version 2.x has a SQL injection vulnerability[2]. Imp can optionally store user preferences, contacts list and session IDs in a SQL database. A remote attacker can use this vulnerability to execute SQL commands and possibly get session IDs and steal another user's webmail session. Other consequences are possible and depend on the privileges Imp has in the database. Usually, these privileges are limited to the Imp database itself, but this is site and database specific. This update also contains some fixes for Imp and Horde to make them work with PHP 4.3.2. SOLUTION It is recommended that all Imp users upgrade their packages. REFERENCES 1. http://www.horde.org/imp/ 2. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0025 3. http://marc.theaimsgroup.com/?l=bugtraq&m=104204786206563&w=2 UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/horde-1.2.8-1U70_2cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/SRPMS/imp-2.2.8-1U70_3cl.src.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/horde-1.2.8-1U70_2cl.noarch.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/horde-mysql-1.2.8-1U70_2cl.noarch.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/horde-pgsql-1.2.8-1U70_2cl.noarch.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/horde-shm-1.2.8-1U70_2cl.noarch.rpm ftp://atualizacoes.conectiva.com.br/7.0/RPMS/imp-2.2.8-1U70_3cl.noarch.rpm ftp://atualizacoes.conectiva.com.br/8/SRPMS/horde-1.2.8-2U80_1cl.src.rpm ftp://atualizacoes.conectiva.com.br/8/SRPMS/imp-2.2.8-2U80_2cl.src.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/horde-1.2.8-2U80_1cl.noarch.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/horde-mysql-1.2.8-2U80_1cl.noarch.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/horde-pgsql-1.2.8-2U80_1cl.noarch.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/horde-shm-1.2.8-2U80_1cl.noarch.rpm ftp://atualizacoes.conectiva.com.br/8/RPMS/imp-2.2.8-2U80_2cl.noarch.rpm ADDITIONAL INSTRUCTIONS The apt tool can be used to perform RPM packages upgrades: - run: apt-get update - after that, execute: apt-get upgrade Detailed instructions reagarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en - ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en - ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en - ------------------------------------------------------------------------- Copyright (c) 2003 Conectiva Inc. http://www.conectiva.com - ------------------------------------------------------------------------- subscribe: conectiva-updates-subscribeat_private unsubscribe: conectiva-updates-unsubscribeat_private -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE/Cs7E42jd0JmAcZARAhHSAKC4LlCk7TQGR+OK8d8OQuqqp+XSswCeO/R1 BcL4L226UtnGfhNsV4xqYR8= =EkQL -----END PGP SIGNATURE-----
This archive was generated by hypermail 2b30 : Tue Jul 08 2003 - 10:24:12 PDT