CVE-2002-2024 — Storage of File with Sensitive Data Under Web Root in IMP

CWE-219 — Storage of File with Sensitive Data Under Web Root CWE-415 — Double Free CWE-120 — Classic Buffer Overflow6 documents5 sources

Severity

5.3MEDIUMNVD

EPSS

0.4%

top 40.24%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Horde IMP Msrc Azl3 Libdwarf 0.9.0-1 ON Azure Linux 3.0 Msrc Azl3 Libdwarf 0.9.2-1 ON Azure Linux 3.0 +3 more

Timeline

PublishedDec 31

Latest updateAug 13

Description

Horde IMP 2.2.7 allows remote attackers to obtain the full web root pathname via an HTTP request for (1) poppassd.php3, (2) login.php3?reason=chpass2, (3) spelling.php3, and (4) ldap.search.php3?ldap_serv=nonsense which leaks the information in error messages.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages6 packages

▶NVDhorde/imp2.2.7

▶msrcmsrc/azl3_qemu_8.2.0-16_on_azure_linux_3.0

▶msrcmsrc/cbl2_qemu_6.2.0-24_on_cbl_mariner_2.0

▶msrcmsrc/azl3_libdwarf_0.9.0-1_on_azure_linux_3.0

▶msrcmsrc/azl3_libdwarf_0.9.2-1_on_azure_linux_3.0

🔴Vulnerability Details

GHSA

GHSA-82jv-mjpv-6mh8: Horde IMP 2↗2022-04-30

▶

📋Vendor Advisories

Microsoft

Buffer Overflow vulnerability in the net/bootp.c in DENEX U-Boot from its initial commit in 2002 (3861aa5) up to today on any platform allows an attacker on the local network to leak memory from four ↗2024-08-13

▶

Microsoft

Libdwarf: crashes randomly on fuzzed object↗2024-03-12

▶

Red Hat

libdwarf: crashes randomly on fuzzed object↗2024-02-17

▶