6/3/2014
29/7/2014
6/8/2024
CVE-2014-0103
First published: Thu Mar 06 2014
Robert Scheck reported that Zarafa's WebAccess stored session information, including login credentials, on disk in PHP session files. This session file would contain a user's username and password to the Zarafa IMAP server.
If Zarafa WebAccess was run on a shared hosting site (multiple web sites on the same server), an administrator of another server with the ability to upload arbitrary scripts to the server could use this to obtain these IMAP credentials, because both sites run as the same Apache user and the PHP session files are owned by that same user.
In a non-shared hosting environment, or one using something like SuEXEC, where the PHP session files are owned by individual users on a per-site basis, this would not be an issue. In that case, only a local user able to read these files (either as root or as the user running the Apache web server) would be able to view the credentials.
Credit: secalert@redhat.com
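As an added defensive check (not code from the advisory, Red Hat or Zarafa), the following Python parses PHP's default session serialization, the format of the on-disk sess_* files the description refers to, and reports which entries hold non-empty values under credential-looking keys, so an administrator can see whether a session store on a shared host carries reusable secrets. The key pattern and the sample payload are constructed assumptions.

```python
import re
# Keys that suggest a stored credential (pattern is an assumption, extend as needed).
CREDENTIAL_KEYS = re.compile(r"pass(word|wd)?|secret|token", re.IGNORECASE)

def _parse_value(data: str, pos: int):
    """Parse one PHP-serialized value starting at data[pos]; return (value, next_pos)."""
    kind = data[pos]
    if kind == "N":                               # N;
        return None, pos + 2
    if kind in "ib":                              # i:42;   b:1;
        end = data.index(";", pos)
        num = int(data[pos + 2:end])
        return (bool(num) if kind == "b" else num), end + 1
    if kind == "s":                               # s:5:"hello";
        colon = data.index(":", pos + 2)
        length = int(data[pos + 2:colon])
        start = colon + 2                         # skip :"
        return data[start:start + length], start + length + 2   # skip ";
    if kind == "a":                               # a:2:{<key><value><key><value>}
        colon = data.index(":", pos + 2)
        count = int(data[pos + 2:colon])
        pos, result = colon + 2, {}               # skip :{
        for _ in range(count):
            key, pos = _parse_value(data, pos)
            result[key], pos = _parse_value(data, pos)
        return result, pos + 1                    # skip }
    raise ValueError(f"unsupported type {kind!r} at offset {pos}")

def parse_php_session(data: str) -> dict:
    """Parse a whole sess_* payload ('name|value' records back to back) into a dict."""
    session, pos = {}, 0
    while pos < len(data):
        bar = data.index("|", pos)
        session[data[pos:bar]], pos = _parse_value(data, bar + 1)
    return session

def find_credentials(session: dict, path: str = "") -> list:
    """Return dotted paths of non-empty string values stored under credential-like keys."""
    hits = []
    for key, value in session.items():
        full = f"{path}.{key}" if path else str(key)
        if isinstance(value, dict):
            hits.extend(find_credentials(value, full))
        elif isinstance(value, str) and value and CREDENTIAL_KEYS.search(str(key)):
            hits.append(full)
    return hits

# Constructed sample of a session that caches an IMAP login (not a real Zarafa file).
SAMPLE = 'username|s:5:"alice";imap|a:2:{s:4:"host";s:9:"localhost";s:8:"password";s:6:"s3cret";}lang|s:2:"en";'
```

Pointing `parse_php_session` at the files under PHP's `session.save_path` shows which sessions carry secrets; the owner and mode of those files (as listed by `ls -l`) then tell you who else on the host can read them.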
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zarafa WebApp | <=1.5 | |
| Zarafa Zarafa | <=7.1.9 | |
| Zarafa Zarafa | =7.0 | |
| Zarafa Zarafa | =7.0.1 | |
| Zarafa Zarafa | =7.0.2 | |
| Zarafa Zarafa | =7.0.3 | |
| Zarafa Zarafa | =7.0.4 | |
| Zarafa Zarafa | =7.0.5 | |
| Zarafa Zarafa | =7.0.6 | |
| Zarafa Zarafa | =7.0.7 | |
| Zarafa Zarafa | =7.0.8 | |
| Zarafa Zarafa | =7.0.9 | |
| Zarafa Zarafa | =7.0.10 | |
| Zarafa Zarafa | =7.0.11 | |
| Zarafa Zarafa | =7.0.12 | |
| Zarafa Zarafa | =7.0.13 | |
| Zarafa Zarafa | =7.1.0 | |
| Zarafa Zarafa | =7.1.1 | |
| Zarafa Zarafa | =7.1.2 | |
| Zarafa Zarafa | =7.1.3 | |
| Zarafa Zarafa | =7.1.4 | |
| Zarafa Zarafa | =7.1.8 | |
| Fedoraproject Fedora | =19 | |
| Fedoraproject Fedora | =20 | |