The popular open-source webmail software Roundcube has been found to contain a security vulnerability that allows attackers to compromise it by sending a single e-mail message.
Roundcube Is Under Attack
The popular open-source webmail solution Roundcube has recently been identified as possessing a serious security weakness. It allows hackers to cause a remote crash just by sending a single message with valid data.
The flaw stems from a parameter that reaches the sendmail program without proper checking, letting a remote attacker run sendmail with the “-X” option, which logs the mail traffic to a file. A demonstration has shown that an attacker can use an HTTP request to the server to place a malicious PHP file there, with the code injected through the e-mail’s subject line.
Because the e-mail data is passed in unencoded form, it serves as the carrier for the PHP tags that end up in the written file. This issue has been patched in the security release of version 1.2.3. All administrators are urged to update to the latest version of the program immediately.
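The root cause described above is argument injection: a user-controlled value is spliced into a sendmail command line, so whitespace in that value turns into extra command-line options. The following Python example, added here to illustrate the defensive side and not taken from Roundcube or any other project, contrasts the vulnerable string-building pattern with a hardened version that validates the envelope sender against a strict grammar and passes arguments as a list so no shell ever splits them. The sendmail path, the address regex and the sample addresses are assumptions constructed for the example.

```python
import re
import shlex
import subprocess
from typing import List

# Assumed sendmail path for the example; real deployments read this from config.
SENDMAIL_PATH = "/usr/sbin/sendmail"

# Strict envelope-sender grammar (constructed for this example; deliberately
# narrower than RFC 5321 so that spaces, quotes and option-like tokens never pass).
_ADDR_RE = re.compile(r"^[A-Za-z0-9._%+-]{1,64}@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$")


def unsafe_sendmail_command(from_addr: str) -> List[str]:
    """Vulnerable pattern: the sender is interpolated into a shell command string.

    shlex.split mimics what /bin/sh does before exec: any whitespace in the
    untrusted value produces additional argv entries, i.e. injected options.
    """
    cmd = f"{SENDMAIL_PATH} -t -f {from_addr}"
    return shlex.split(cmd)


def validate_envelope_sender(from_addr: str) -> str:
    """Reject anything that is not a plain mailbox address.

    A leading '-' is refused explicitly even though the regex would allow it in
    the local part, because an argument starting with '-' is parsed as an option.
    """
    if from_addr.startswith("-"):
        raise ValueError("envelope sender must not start with '-'")
    if not _ADDR_RE.fullmatch(from_addr):
        raise ValueError("envelope sender is not a valid mailbox address")
    return from_addr


def is_accepted(from_addr: str) -> bool:
    """Convenience predicate: True when the hardened validator lets the value through."""
    try:
        validate_envelope_sender(from_addr)
        return True
    except ValueError:
        return False


def safe_sendmail_argv(from_addr: str) -> List[str]:
    """Hardened pattern: validated value placed in a fixed argv list, no shell involved."""
    return [SENDMAIL_PATH, "-t", "-f", validate_envelope_sender(from_addr)]


def send_message(from_addr: str, raw_message: bytes) -> int:
    """Hand the message to sendmail on stdin using the hardened argv (not run in tests)."""
    proc = subprocess.run(safe_sendmail_argv(from_addr), input=raw_message, check=False)
    return proc.returncode


if __name__ == "__main__":
    tainted = "alice@example.com -injected"          # constructed sample input
    print("unsafe argv :", unsafe_sendmail_command(tainted))   # extra option appears
    print("hardened    :", is_accepted(tainted))              # False, request rejected
    print("hardened    :", safe_sendmail_argv("alice@example.com"))
```

The important property is that the hardened path fails closed: a value that does not match the expected grammar is refused before any process is started, and even a valid value can never be split into more than one argument because the list form of `subprocess.run` bypasses the shell entirely.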
The Scope of The Roundcube Threat
Roundcube is one of the most popular open-source web-based mail clients. Its user interface is built on AJAX, which makes it easy for users to work with.
Its extensive feature set includes the following:
- Connects to any IMAPv4 server
- Encrypted TLSv1.2 connection to IMAP server using PHP5.6 SSL/TLS libraries
- Available in over 60 languages
- Full support for MIME and HTML messages
- Compose Richtext/HTML messages with attachments
- Multiple sender identities
- Threaded message listing
- IDNA support
- Full-featured address book based on vCard with group support
- LDAP directory integration for address books
- Find-as-you-type address book integration
- Forwarding messages with attachments
- Built-in caching for fast mailbox access
- Searching messages and contacts
- Spell checking
- Support for external SMTP server
- Support for shared/global folders and IMAP ACLs
- IMAP folder management
- Template system for custom themes
Roundcube is bundled with the majority of web hosting accounts and is also used by many academic institutions, government facilities and other organizations.