Tickets :: [#9533] Horde IMP Remote Information Disclosure Vulnerability

6.0.0-beta1

8/7/25

Summary	Horde IMP Remote Information Disclosure Vulnerability
Queue	IMP
Queue Version	Git master
Type	Bug
State	Duplicate
Priority	2. Medium
Owners
Requester	amolchanov (at) parallels (dot) com
Created	01/24/2011 (5309 days ago)
Due
Updated	01/25/2011 (5308 days ago)
Assigned
Resolved	01/24/2011 (5309 days ago)
Github Issue Link
Github Pull Request
Milestone
Patch	No

01/25/2011 09:45:13 AM	amolchanov (at) parallels (dot) com	Comment #5	Reply to this comment
Ok. Simple question: This vulnerability was fixed in last version of IMP (4.3)?

01/25/2011 09:27:26 AM	Jan Schneider	Comment #4	Reply to this comment
http://lmgtfy.com/?q=port+scan+horde

01/25/2011 04:10:05 AM	amolchanov (at) parallels (dot) com	Comment #3	Reply to this comment
Where is i can find result ? I've searched everywhere I could.

01/24/2011 02:42:27 PM	Jan Schneider	Comment #2 State ⇒ Duplicate	Reply to this comment
This is old news that has been dealt with.

01/24/2011 02:29:53 PM	amolchanov (at) parallels (dot) com	Comment #1 Priority ⇒ 2. Medium Patch ⇒ No Milestone ⇒ Queue ⇒ IMP Summary ⇒ Horde IMP Remote Information Disclosure Vulnerability Type ⇒ Bug State ⇒ Unconfirmed	Reply to this comment
http://www.securityfocus.com/bid/40294/info Horde IMP is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to obtain potentially sensitive information that may lead to further attacks. This issue affects unknown versions of Horde IMP. This BID will be updated when more details become available. For more information need read "TEHTRI-SA-2010-010 - Horde 0-day (TEHTRI-Security) " : http://conference.hitb.org/hitbsecconf2010dxb/materials/D1%20-%20Laurent%20Oudot%20-%20Improving%20the%20Stealthiness%20of%20Web%20Hacking.pdf#page=74