CVE-2014-0103
First published: Thu Mar 06 2014(Updated: )
Robert Scheck reported that Zarafa's WebAccess stored session information, including login credentials, on-disk in PHP session files. This session file would contain a user's username and password to the Zarafa IMAP server. If Zarafa WebAccess was run on a shared hosting site (multiple web sites on the same server), and an administrator of another server, with the ability to upload arbitrary scripts to the server, they could use this to obtain these IMAP credentials due to both sites being run by the same Apache user, and the PHP session files being owned by the same. In a non-shared hosting environment, or one using something like SuEXEC, where the PHP session files are owned by individual users on a per-site basis, this would not be an issue. In that case, only a local user able to read these files (either as root or as the user running the Apache web server) would be able to view the credentials.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Kopano WebApp | <=1.5 | |
| Zarafa Collaboration Platform | <=7.1.9 | |
| Zarafa Collaboration Platform | =7.0 | |
| Zarafa Collaboration Platform | =7.0.1 | |
| Zarafa Collaboration Platform | =7.0.2 | |
| Zarafa Collaboration Platform | =7.0.3 | |
| Zarafa Collaboration Platform | =7.0.4 | |
| Zarafa Collaboration Platform | =7.0.5 | |
| Zarafa Collaboration Platform | =7.0.6 | |
| Zarafa Collaboration Platform | =7.0.7 | |
| Zarafa Collaboration Platform | =7.0.8 | |
| Zarafa Collaboration Platform | =7.0.9 | |
| Zarafa Collaboration Platform | =7.0.10 | |
| Zarafa Collaboration Platform | =7.0.11 | |
| Zarafa Collaboration Platform | =7.0.12 | |
| Zarafa Collaboration Platform | =7.0.13 | |
| Zarafa Collaboration Platform | =7.1.0 | |
| Zarafa Collaboration Platform | =7.1.1 | |
| Zarafa Collaboration Platform | =7.1.2 | |
| Zarafa Collaboration Platform | =7.1.3 | |
| Zarafa Collaboration Platform | =7.1.4 | |
| Zarafa Collaboration Platform | =7.1.8 | |
| Fedora | =19 | |
| Fedora | =20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1073618#c2
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1073618#c4
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1073618#c5
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1073618#c6
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1104803
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1104804
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1073618#c7
- https://bugzilla.redhat.com/show_bug.cgi?id=1073618
- http://advisories.mageia.org/MGASA-2014-0380.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-July/136033.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-July/136044.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2014:182
- http://www.securityfocus.com/bid/68247
Frequently Asked Questions
What is the severity of CVE-2014-0103?
CVE-2014-0103 is considered a medium severity vulnerability due to the exposure of sensitive credentials.
How do I fix CVE-2014-0103?
To fix CVE-2014-0103, ensure that Zarafa WebAccess is upgraded to versions above 1.5 and Zarafa server versions above 7.1.9.
What types of information are exposed in CVE-2014-0103?
CVE-2014-0103 exposes users' login credentials, including usernames and passwords stored in PHP session files.
Which versions of Zarafa are affected by CVE-2014-0103?
CVE-2014-0103 affects Zarafa WebApp versions up to 1.5 and Zarafa server versions up to 7.1.9.
Is CVE-2014-0103 a server-side vulnerability?
Yes, CVE-2014-0103 is a server-side vulnerability that stems from improper session management in Zarafa's WebAccess.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/description
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2014-0103
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/zarafa
- canonical/kopano webapp
- version/kopano webapp/1.5
- canonical/zarafa collaboration platform
- version/zarafa collaboration platform/7.1.9
- version/zarafa collaboration platform/7.0
- version/zarafa collaboration platform/7.0.1
- version/zarafa collaboration platform/7.0.2
- version/zarafa collaboration platform/7.0.3
- version/zarafa collaboration platform/7.0.4
- version/zarafa collaboration platform/7.0.5
- version/zarafa collaboration platform/7.0.6
- version/zarafa collaboration platform/7.0.7
- version/zarafa collaboration platform/7.0.8
- version/zarafa collaboration platform/7.0.9
- version/zarafa collaboration platform/7.0.10
- version/zarafa collaboration platform/7.0.11
- version/zarafa collaboration platform/7.0.12
- version/zarafa collaboration platform/7.0.13
- version/zarafa collaboration platform/7.1.0
- version/zarafa collaboration platform/7.1.1
- version/zarafa collaboration platform/7.1.2
- version/zarafa collaboration platform/7.1.3
- version/zarafa collaboration platform/7.1.4
- version/zarafa collaboration platform/7.1.8
- vendor/fedoraproject
- canonical/fedora
- version/fedora/19
- version/fedora/20