BID:50800

Multiple Horde Products Private Tasks Security Bypass Vulnerability

Info

Multiple Horde Products Private Tasks Security Bypass Vulnerability

Bugtraq ID:	50800
Class:	Access Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Nov 24 2011 12:00AM
Updated:	Nov 24 2011 12:00AM
Credit:	samuel.wolf
Vulnerable:	Horde Nag 3.0.5 Horde Horde Groupware Webmail Edition 4.0.3 Horde Horde Groupware 4.0.3

Not Vulnerable:	Horde Nag 3.0.6 Horde Horde Groupware Webmail Edition 4.0.4 Horde Horde Groupware 4.0.4

Discussion

Multiple Horde Products Private Tasks Security Bypass Vulnerability

Multiple Horde Products are prone to a security-bypass vulnerability.

Attackers can exploit this issue to bypass security restrictions to obtain sensitive information; this may aid in launching further attacks.

The following products are vulnerable:

Horde Groupware versions prior to 4.0.4
Horde Groupware Webmail Edition versions prior to 4.0.4
Nag versions prior to 3.0.6

Exploit / POC

Multiple Horde Products Private Tasks Security Bypass Vulnerability

Attackers can exploit this issue through a browser.

Solution / Fix

Multiple Horde Products Private Tasks Security Bypass Vulnerability

Solution:
The vendor has released fixes and an advisory. Please see the references for details.

References

Multiple Horde Products Private Tasks Security Bypass Vulnerability

References:

[#10712] Delegate can not see the description of a privat task (samuel (dot) wolf (at) wolf-maschinenbau (dot) de)
commit:Don't display task details of private tasks via the API (Bug #10712) (Git)
Horde Groupware Changelog (Horde)
Horde Groupware Webmail Edition Changelog (Horde)
Nag Changelog (Horde)
Pandora Homepage (Pandora FMS Team)