CVE-2002-2024

Name of the Vulnerable Software and Affected Versions Horde IMP version 2.2.7

Description The issue allows remote attackers to obtain the full web root pathname via specific HTTP requests. This can be achieved by requesting certain files, including poppassd.php3, login.php3?reason=chpass2, spelling.php3, and ldap.search.php3?ldap serv=nonsense, which leak the information in error messages.

Recommendations For Horde IMP version 2.2.7, consider restricting access to the mentioned files (poppassd.php3, login.php3, spelling.php3, and ldap.search.php3) to minimize the risk of exploitation. As a temporary workaround, avoid using the ldap serv parameter in the ldap.search.php3 endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.