[VIM] Horde go.php question

security curmudgeon jericho at attrition.org
Wed Mar 22 07:56:33 EST 2006


http://archives.neohapsis.com/archives/bugtraq/2006-03/0272.html
http://archives.neohapsis.com/archives/bugtraq/2006-03/0366.html

---------- Forwarded message ----------
From: security curmudgeon <jericho at attrition.org>
To: Jan Schneider <jan at horde.org>
Date: Wed, 22 Mar 2006 07:55:54 -0500 (EST)
Subject: Re: CodeScan Advisory: Unauthenticated Arbitrary File Read in Horde
     v3.09 and prior


Hey Jan,

: Just FYI, noone of the Horde developers was able to reproduce this, and
: it should only be exploitable if you have a PHP version that has bugs in
: both parse_url() and readfile().
:
: Beside that, the reporters unfortunately stopped talking to us in the
: middle of the process, dunno why.

If none of the developers were able to reproduce this, do you know why
CodeScan said the following:

: > CodeScan Labs has been in contact with Horde and a new version of
: > the software has been released to address the discovered
: > vulnerability.
: >
: > Users are advised to upgrade to version 3.1
: >   ftp://ftp.horde.org/pub/horde/horde-3.1.tar.gz

Why would they encourage users to upgrade to 3.1 to fix this, if the devs
couldnt reproduce it (and I assume write a patch for it)?

Thanks!

Brian
OSVDB.org


More information about the VIM mailing list