Horde Admin Account Default Password

Severity: Critical | Nessus Plugin ID 20171

Synopsis

The remote web server contains a PHP application whose default administrative account has no password set.

Description

The remote installation of Horde uses an administrative account with no password. An attacker can log in as that account and gain full control over the affected application, including running arbitrary shell, PHP, and SQL commands through the admin utilities Horde ships with.

Note that while the advisory is from Debian, the flaw is not specific to that distribution: any installation of Horde whose configuration has not been completed, and in particular has no authentication backend set up, is vulnerable.

Solution

Either remove Horde or complete its configuration, in particular by selecting and configuring an authentication backend so that the administrative account can only be used with a real password.
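The following is an added example of what the completed configuration looks like; it is not taken from the advisory, from Tenable, or from the Horde project. The key names follow Horde's `config/conf.php` layout; the choice of the `sql` driver, the reuse of the global SQL settings, and the `hordeadmin` user name are assumptions for illustration.

```php
<?php
// Added example: excerpt of a completed Horde config/conf.php.
// Not from the advisory or the Horde project; driver choice and the
// administrator user name are assumptions, adjust to your deployment.

// Bind Horde logins to a real authentication backend instead of leaving
// authentication unconfigured. Here the SQL driver is used.
$conf['auth']['driver'] = 'sql';

// 'horde' tells the auth driver to reuse the global $conf['sql'] settings
// (DSN, credentials, table prefix) rather than a separate connection.
$conf['auth']['params']['driverconfig'] = 'horde';

// Only the accounts listed here are treated as administrators. Each one must
// exist in the backend with a non-empty password; do not list an account that
// the backend cannot authenticate.
$conf['auth']['admins'] = array('hordeadmin');
```

After saving the file, confirm that the administrative user exists in the chosen backend with a password set, then re-run the plugin with "Enable thorough checks" and CGI scanning turned on (both are required for this check to fire) to verify that the finding no longer triggers.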

See Also

https://www.horde.org/apps/horde/docs/?f=INSTALL.html#configuring-horde

Plugin Details

Severity: Critical

ID: 20171

File Name: horde_default_passwd.nasl

Version: 1.23

Type: remote

Family: CGI abuses

Published: 11/8/2005

Updated: 6/4/2024

Configuration: Enable thorough checks

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:horde:horde_application_framework

Required KB Items: www/horde

Excluded KB Items: Settings/disable_cgi_scanning, global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 11/7/2005

Reference Information

CVE: CVE-2005-3344

BID: 15337

DSA: 884