HTTP: Horde IMP Arbitrary SQL Injection

This signature detects attempts to exploit a known vulnerability in Horde IMP version 2. Attackers can send a maliciously crafted URL to mailbox.php3, which can allow them perform arbitrary SQL queries and possibly gain complete server control.

Extended Description

It has been reported that Imp is prone to multiple SQL injection vulnerabilities. IMP, in some cases, does not sufficiently sanitize user-supplied input which is passed to SQL queries. As a result, it is possible to manipulate SQL queries. This may allow a remote attacker to modify query logic or potentially corrupt the database. Consequences will vary depending on the queries used and the capabilities of the underlying database implementation. These issues occur throughout the database command files for different database implementations, for example 'lib/db.pgsql'. SQL injection attacks may also potentially be used to exploit latent vulnerabilities in the underlying database implementation.

Affected Products

Horde_project horde

Short Name
HTTP:SQL:INJ:IMP
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Arbitrary CVE-2003-0025 Horde IMP Injection SQL bid:6559
Release Date
04/22/2003
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Horde_project

CVSS Score

7.5

Found a potential security threat?