Security update for horde
(Last modified: 01AUG2006)
solutions Security update for horde SuSE Linux Maintenance Web (f2da6ff214ea63d1bdc91ab0ad182930)
Product(s): SUSE CORE 9 for x86
SUSE CORE 9 for Itanium Processor Family
SUSE CORE 9 for IBM POWER
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for AMD64 and Intel EM64T
Novell Linux POS 9
Open Enterprise Server
- CVE-2006-3549: services/go.php does not properly restrict its image proxy capability, which allows remote attackers to perform "Web tunneling" attacks and use the server as a proxy via (1) http, (2) https, and (3) ftp URL in the url parameter, which is requested from the server.
rpm -Fvh horde.rpm
Download Source Packages
Download the source code of the patches for maintained products.