FreeBSD : horde -- Phishing and Cross-Site Scripting Vulnerabilities (e2e8d374-2e40-11db-b683-0008743bf21a)

NASLDB: FreeBSD : horde -- Phishing and Cross-Site Scripting Vulnerabilities (e2e8d374-2e40-11db-b683-0008743bf21a)

General

ID: 22241
Name: FreeBSD : horde — Phishing and Cross-Site Scripting Vulnerabilities (e2e8d374-2e40-11db-b683-0008743bf21a)

Summary: Checks for updated packages in pkg_info output

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Port: 0
Family: FreeBSD Local Security Checks
Type: Local

Description

Secunia reports :

Some vulnerabilities have been reported in Horde, which can be
exploited by malicious people to conduct phishing and cross-site
scripting attacks.

– Input passed to the ‘url’ parameter in index.php isn’t properly
verified before it is being used to include an arbitrary web site in a
frameset. This can e.g. be exploited to trick a user into believing
certain malicious content is served from a trusted web site.

– Some unspecified input passed in index.php isn’t properly sanitised
before being returned to the user. This can be exploited to execute
arbitrary HTML and script code in a user’s browser session in context
of an affected site.

Exploiting

Exploit Available: True
Exploitability Ease: Exploits are available

Sources

CVE: CVE-2006-4255
OSVDB: –
Bugtraq: 19544
scipID: –

Timeline

Vulnerability Disclosure: 2006/08/17
Patch Release: 2006/08/17
Plugin Release: 2006/08/21

Plugin

Version: 1.18
Filename: freebsd_pkg_e2e8d3742e4011dbb6830008743bf21a.nasl
Filesize: 5102 bytes
MD5 Hash: 65e41d75a3caed2ed94e9b6a6b8cae68

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info
Dependencies: "ssh_get_info.nasl"