Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 7.5
CVE Id CVE-2006-0757
Last Modified 07 Mar 2011 09:30:46
Published 17 Feb 2006 09:02:00
Confidentiality Impact PARTIAL
Integrity Impact PARTIAL
Availability Impact PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0757

Summary

Multiple eval injection vulnerabilities in HiveMail 1.3 and earlier allow remote attackers to execute arbitrary PHP code via (1) the contactgroupid parameter in addressbook.update.php, (2) the messageid parameter in addressbook.add.php, (3) the folderid parameter in folders.update.php, and possibly certain parameters in (4) calendar.event.php, (5) index.php, (6) pop.download.php, (7) read.bounce.php, (8) rules.block.php, (9) language.php, and (10) certain other scripts, as demonstrated by an addressbook.update.php request with a contactgroupid value of phpinfo() preceded by facilitators.

Vulnerable Systems

Application

  • Hivemail 1.1

  • Hivemail 1.1.1

  • Hivemail 1.2

  • Hivemail 1.2 Sp1

  • Hivemail 1.2.1 Beta1

  • Hivemail 1.2.1 Rc

  • Hivemail 1.2.2

  • Hivemail 1.3

  • Hivemail 1.3 Beta1

  • Hivemail 1.3 Rc1


References

XF - hivemail-multiple-file-include(24618)

VUPEN - ADV-2006-0527

MISC - http://www.gulftech.org/?node=research&article_id=00098-02102006

MISC - http://forum.hivemail.com/showthread.php?p=26745

BUGTRAQ - 20060210 HiveMail <= 1.3 Multiple Vulnerabilities

BID - 16591

SECUNIA - 18807


Last Updated: 27 May 2016 10:41:46