BID:51989

Horde Groupware Source Packages Backdoor Vulnerability

Info

Horde Groupware Source Packages Backdoor Vulnerability

Bugtraq ID:	51989
Class:	Unknown
CVE:	CVE-2012-0209
Remote:	Yes
Local:	No
Published:	Feb 13 2012 12:00AM
Updated:	Feb 13 2012 12:00AM
Credit:	Reported by the vendor
Vulnerable:	Horde Project Groupware Webmail Edition 1.2.9 Horde Project Groupware Webmail Edition 1.2.6 Horde Project Groupware Webmail Edition 1.2.5 Horde Project Groupware Webmail Edition 1.2.4 Horde Project Groupware Webmail Edition 1.2.3 RC1 Horde Project Groupware Webmail Edition 1.2.2 Horde Project Groupware Webmail Edition 1.2.1 Horde Project Groupware Webmail Edition 1.1.6 Horde Project Groupware Webmail Edition 1.1.5 Horde Project Groupware Webmail Edition 1.1.4 Horde Project Groupware Webmail Edition 1.1.3 Horde Project Groupware Webmail Edition 1.1.2 Horde Project Groupware Webmail Edition 1.1.1 Horde Project Groupware Webmail Edition 1.0.8 Horde Project Groupware Webmail Edition 1.0.7 Horde Project Groupware Webmail Edition 1.0.6 Horde Project Groupware Webmail Edition 1.0.5 Horde Project Groupware Webmail Edition 1.0.4 Horde Project Groupware Webmail Edition 1.0.3 Horde Project Groupware Webmail Edition 1.2 Horde Project Groupware Webmail Edition 1.0-RC2 Horde Project Groupware Webmail Edition 1.0 Horde Project Groupware Webmail Edition 0 Horde Project Groupware 1.2.9 Horde Project Groupware 1.2.8 Horde Project Groupware 1.2.6 Horde Project Groupware 1.2.5 Horde Project Groupware 1.2.4 Horde Project Groupware 1.2.1 Horde Project Groupware 1.1.6 Horde Project Groupware 1.1.5 Horde Project Groupware 1.1.4 Horde Project Groupware 1.1.3 Horde Project Groupware 1.1.2 Horde Project Groupware 1.1.1 Horde Project Groupware 1.0.7 Horde Project Groupware 1.0.6 Horde Project Groupware 1.0.5 Horde Project Groupware 1.0.4 Horde Project Groupware 1.0.3 Horde Project Groupware 1.0.2 Horde Project Groupware 1.2.9 Webmail Horde Project Groupware 1.2.8 Webmail Horde Project Groupware 1.2.7 Webmail Horde Project Groupware 1.2.6 Webmail Horde Project Groupware 1.2.3 Webmail Horde Project Groupware 1.2.10 Horde Project Groupware 1.2 Rc1 Webmail Horde Project Groupware 1.2 Horde Project Groupware 1.1.3 Webmail Horde Project Groupware 1.1 Webmail Horde Project Groupware 1.1 Rc4 Webmail Horde Project Groupware 1.1 Rc3 Webmail Horde Project Groupware 1.1 Rc2 Webmail Horde Project Groupware 1.1 Rc1 Webmail Horde Project Groupware 1.0.7 Webmail Horde Project Groupware 1.0.2 Webmail Horde Project Groupware 1.0.1 Webmail Horde Project Groupware 1.0-RC3 Horde Project Groupware 1.0 Rc1 Webmail Horde Project Groupware 1.0

Not Vulnerable:	Horde Project Groupware Webmail 1.2.11 Horde Project Groupware 1.2.11

Discussion

Horde Groupware Source Packages Backdoor Vulnerability

Horde Groupware is prone to a backdoor vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the application. Successful attacks will compromise the affected application.

Horde Groupware versions 1.2.10 between November 2, 2011, and February 7, 2012, are vulnerable.

Exploit / POC

Horde Groupware Source Packages Backdoor Vulnerability

An attacker can use readily available tools to exploit this issue.

The following exploit is available:

/data/vulnerabilities/exploits/51989.rb

Solution / Fix

Horde Groupware Source Packages Backdoor Vulnerability

Solution:
The vendor released an update. Please see the references for details.

References

Horde Groupware Source Packages Backdoor Vulnerability

References:

[announce] [SECURITY] Remote execution backdoor after server hack (CVE-2012-0209 (Horde Project)
[announce] Horde Groupware 1.2.11 (final) (Horde Project)
[announce] Horde Groupware Webmail Edition 1.2.11 (final) (Horde Project)
Commit (Horde Project)