CVE-2008-1284
published 2008-03-11CVE-2008-1284: Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with certain configurations…
PriorityP430medium6CVSS 2.0
AVNACMAuSCPIPAP
EPSS
1.68%
74.0th percentile
Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences and a null byte in the theme name.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| horde | groupware | <= 1.0.4 | — |
| horde | groupware_webmail_edition | <= 1.0.5 | — |
| horde | horde | — | — |
CVSS provenance
nvdv2.06.0MEDIUMAV:N/AC:M/Au:S/C:P/I:P/A:P
vendor_redhat6.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7mw7-mpj3-2hr3: Directory traversal vulnerability in Horde 3
ghsa_unreviewed·2022-05-01
CVE-2008-1284 [MEDIUM] CWE-22 GHSA-7mw7-mpj3-2hr3: Directory traversal vulnerability in Horde 3
Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences and a null byte in the theme name.
Red Hat
horde: arbitrary file inclusion through abuse of the theme preference
vendor_redhat·CVSS 6.0
CVE-2008-1284 [MEDIUM] horde: arbitrary file inclusion through abuse of the theme preference
horde: arbitrary file inclusion through abuse of the theme preference
Directory traversal vulnerability in Horde 3.1.6, Groupware before 1.0.5, and Groupware Webmail Edition before 1.0.6, when running with certain configurations, allows remote authenticated users to read and execute arbitrary files via ".." sequences and a null byte in the theme name.
No detection rules found.
No public exploits indexed.
CWE
Improper Input Validation
mitre_cwe
CWE-20 Improper Input Validation
CWE-20: Improper Input Validation
The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly.
Input validation is a frequently-used technique
for checking potentially dangerous inputs in order to
ensure that the inputs are safe for processing within the
code, or when communicating with other components. Input can consist of: raw data - strings, numbers, parameters, file contents, etc. metadata - information about the raw data, such as headers or size Data can be simple or structured. Structured data
can be composed of many nested layers, composed of
combinations of metadata and raw data, with other simple or
structured data. Many properties of raw data or metadata may n
CWE
Improper Neutralization of Null Byte or NUL Character
mitre_cwe
CWE-158 Improper Neutralization of Null Byte or NUL Character
CWE-158: Improper Neutralization of Null Byte or NUL Character
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes NUL characters or null bytes when they are sent to a downstream component.
As data is parsed, an injected NUL character or null byte may cause the product to believe the input is terminated earlier than it actually is, or otherwise cause the input to be misinterpreted. This could then be used to inject potentially dangerous input that occurs after the null byte or otherwise bypass validation routines and other protection mechanisms.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Integrity. Impact: Unexpected State.
Potential Mitigations:
Developers should anticipate that null characters or
http://lists.horde.org/archives/announce/2008/000382.htmlhttp://lists.horde.org/archives/announce/2008/000383.htmlhttp://lists.horde.org/archives/announce/2008/000384.htmlhttp://secunia.com/advisories/29286http://secunia.com/advisories/29374http://secunia.com/advisories/29400http://secunia.com/advisories/30047http://security.gentoo.org/glsa/glsa-200805-01.xmlhttp://securityreason.com/securityalert/3726http://www.debian.org/security/2008/dsa-1519http://www.securityfocus.com/archive/1/489239/100/0/threadedhttp://www.securityfocus.com/archive/1/489289/100/0/threadedhttp://www.securityfocus.com/bid/28153http://www.vupen.com/english/advisories/2008/0822/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/41054https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00253.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-March/msg00301.htmlhttp://lists.horde.org/archives/announce/2008/000382.htmlhttp://lists.horde.org/archives/announce/2008/000383.htmlhttp://lists.horde.org/archives/announce/2008/000384.htmlhttp://secunia.com/advisories/29286http://secunia.com/advisories/29374http://secunia.com/advisories/29400http://secunia.com/advisories/30047http://security.gentoo.org/glsa/glsa-200805-01.xmlhttp://securityreason.com/securityalert/3726http://www.debian.org/security/2008/dsa-1519http://www.securityfocus.com/archive/1/489239/100/0/threadedhttp://www.securityfocus.com/archive/1/489289/100/0/threadedhttp://www.securityfocus.com/bid/28153http://www.vupen.com/english/advisories/2008/0822/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/41054https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00253.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-March/msg00301.html
2008-03-11
Published