Bugtraq mailing list archives

Horde webmail: mysql access
From: sig () flaming tolna net
Date: Sun, 25 Apr 2004 23:11:27 +0200

Hello

I've found a very interesting feature in the Horde webmail system...

Horde is a very popular PHP-based webmail system with many accessories. Most of these web applications (for example: turba, mnemo, etc.) use a MySQL database server to store e-mail addresses, user memos, information about users, sometimes passwords, etc.

By default, you can access these database servers from a remote host with the username "horde" and no password. Then you will have permission to list the databases and to use some of them. In fact, the "horde" and "test" databases are available for reading and writing in many cases.

I think it is dangerous; there are many wide-open database servers around the world -> everybody can use them for their own purposes.
(Horde users' personal memos, address lists, and (sometimes their) passwords are also accessible.)

This is not a bug, this is a feature. (?)
The problem can be solved using a configured firewall, or an ACL, or by just denying connections from outside and allowing only localhost for mysqld.

PS: I think unwanted connections from the internet can cause Denial of Service attacks; too many DB queries, or storing large amounts of data, can be dangerous ...
What do you think about it?


sigterm <sigterm () c3 hu>
        <sig () flaming tolna net>
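As an added example (not part of the original post, and not Horde's or MySQL's own code), here is a small Python audit for the two conditions the post describes: a database account such as "horde" that has an empty password and is allowed to connect from any host, and a mysqld that is not restricted to localhost. The user rows and the my.cnf fragments are constructed samples; the `password` column name follows the mysql.user table of that era (newer servers call it `authentication_string`), and the password hashes shown are made-up placeholders.

```python
# Added example, not from the original post: audit a dump of the MySQL user
# table and a my.cnf fragment for the exposure described above.
from dataclasses import dataclass
import re

# Constructed sample shaped like the output of
#   SELECT user, host, password FROM mysql.user;
# The two "horde" rows model the default the post describes (empty password,
# one of them reachable from any host); the other rows and hashes are made up.
SAMPLE_USER_ROWS = """\
user\thost\tpassword
root\tlocalhost\t*A1B2C3D4E5F60718293A4B5C6D7E8F9012345678
horde\t%\t
horde\tlocalhost\t
backup\t10.0.0.5\t*0F1E2D3C4B5A69788796A5B4C3D2E1F001122334
"""

# Constructed my.cnf fragments: one that listens on every interface, one
# that listens on the loopback address only.
SAMPLE_MY_CNF_OPEN = """\
[mysqld]
port = 3306
# no bind-address and no skip-networking: reachable from remote hosts
"""

SAMPLE_MY_CNF_LOCAL = """\
[mysqld]
port = 3306
bind-address = 127.0.0.1
"""


@dataclass(frozen=True)
class Finding:
    user: str
    host: str
    reason: str


def parse_user_rows(dump):
    """Parse a tab-separated dump with a header row into (user, host, password) tuples."""
    lines = [line for line in dump.splitlines() if line.strip()]
    header = lines[0].split("\t")
    idx = {name: i for i, name in enumerate(header)}
    rows = []
    for line in lines[1:]:
        cols = line.split("\t")
        cols += [""] * (len(header) - len(cols))  # trailing empty field = no password
        rows.append((cols[idx["user"]], cols[idx["host"]], cols[idx["password"]]))
    return rows


def audit_accounts(rows):
    """Flag accounts with no password and accounts whose host pattern is a wildcard."""
    findings = []
    for user, host, password in rows:
        if password == "":
            findings.append(Finding(user, host, "empty password"))
        if host == "%":
            findings.append(Finding(user, host, "allowed from any host"))
        elif "%" in host:
            findings.append(Finding(user, host, "wildcard host pattern"))
    return findings


def mysqld_options(my_cnf):
    """Return the key/value pairs under [mysqld] (bare flags map to True)."""
    section = None
    options = {}
    for raw in my_cnf.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip comments
        if not line or line.startswith(";"):
            continue
        header = re.match(r"\[(.+)\]$", line)
        if header:
            section = header.group(1).strip()
            continue
        if section == "mysqld":
            key, sep, value = line.partition("=")
            key = key.strip().replace("_", "-")  # MySQL accepts either spelling
            options[key] = value.strip() if sep else True
    return options


def listens_only_on_localhost(my_cnf):
    """True if TCP networking is off or mysqld is bound to a loopback address."""
    opts = mysqld_options(my_cnf)
    if opts.get("skip-networking") is True:
        return True
    return opts.get("bind-address") in ("127.0.0.1", "::1", "localhost")


if __name__ == "__main__":
    for f in audit_accounts(parse_user_rows(SAMPLE_USER_ROWS)):
        print(f"{f.user}@{f.host}: {f.reason}")
    print("open config local-only:", listens_only_on_localhost(SAMPLE_MY_CNF_OPEN))
    print("local config local-only:", listens_only_on_localhost(SAMPLE_MY_CNF_LOCAL))
```

Run against a real server, the rows would come from the user table and the fragment from the server's option file; a clean result is an empty findings list plus `listens_only_on_localhost` returning True, which matches the post's suggested fix of allowing only localhost for mysqld.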

