MEDIUM · 5.0

CVE-2006-3549

Vulnerability Description

services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform "Web tunneling" attacks and use the server as a proxy via (1) http, (2) https, and (3) ftp URL in the url parameter, which is requested from the server.

CVSS Score

5.0 (MEDIUM)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE

Affected Products

Vendor | Product | Versions
Horde | Horde Application Framework | 3.0.0

References

FAQ

What is CVE-2006-3549?

CVE-2006-3549 is a vulnerability with a CVSS score of 5.0 (MEDIUM). services/go.php in Horde Application Framework 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1 does not properly restrict its image proxy capability, which allows remote attackers to perform "Web tunneli...

How severe is CVE-2006-3549?

CVE-2006-3549 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2006-3549?

Check the references section above for vendor advisories and patch information. Affected products include: Horde Horde Application Framework.