[VIM] Recent unspecified Horde vuln is eval injection

George A. Theall theall at tenablesecurity.com
Thu Mar 30 07:32:39 EST 2006


Steven M. Christey wrote:

> Eval injection vulnerability in Horde Application Framework versions
> 3.0 before 3.0.10 and 3.1 before 3.1.1 allows remote attackers to
> execute arbitrary code via the help viewer.

This one's nasty -- an unauthenticated attacker can execute arbitrary
PHP code regardless of the familiar register_globals / magic_quotes_gpc
settings and using just a simple GET. Even Hardened PHP's patches don't
stop it.  Given Horde's popularity, I expect to this since used by worm
writers as soon as details get out on the exploit.

George


More information about the VIM mailing list