CVE-2006-0757

Name of the Vulnerable Software and Affected Versions HiveMail versions 1.3 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code. This can be achieved via several parameters in different PHP scripts, including contactgroupid in "addressbook.update.php", messageid in "addressbook.add.php", and folderid in "folders.update.php". Other potentially vulnerable scripts and parameters include those in "calendar.event.php", "index.php", "pop.download.php", "read.bounce.php", "rules.block.php", "language.php", and possibly others. An example of exploitation is an "addressbook.update.php" request with a contactgroupid value set to phpinfo().

Recommendations For HiveMail versions 1.3 and earlier, as a temporary workaround, consider restricting access to the vulnerable parameters contactgroupid, messageid, and folderid in the respective PHP scripts until a patch is available. Additionally, limiting the use of potentially vulnerable scripts such as "calendar.event.php", "index.php", "pop.download.php", "read.bounce.php", "rules.block.php", and "language.php" can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.