VID 21296
Severity 40
Port 80, ...
Protocol TCP
Class CGI
Detailed Description The SquirrelMail package installed on the Web server, according to its version number, has a remote command execution vulnerability in the parseAddress function.
SquirrelMail is a webmail package written in PHP. SquirrelMail versions prior to 1.4.2 with GPG plug-in versions 1.1 and earlier could allow a remote attacker to execute arbitrary commands on the system. The function "parseAddress()" parses email addresses in an insecure manner when encrypting emails, which could allow malicious users to include arbitrary system commands using shell metacharacters such as ";". By creating a specially crafted email, a remote attacker could execute arbitrary commands on the system hosting the vulnerable SquirrelMail.
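The root cause described above is a recipient address being handed to the shell unescaped. The following is an added example (not SquirrelMail or GPG plug-in code) of the hardened pattern: the address is validated against a strict whitelist and shell-escaped before it reaches the gpg command line. The function names and the gpg invocation are assumptions for illustration.

```php
<?php
// Added example, not code from SquirrelMail or its GPG plug-in.
// The flaw behind CVE-2003-0990 is building a shell command string from an
// untrusted address, so shell metacharacters in it become part of the command.
// Here the address is validated first and every argument is escaped, so the
// shell never gets to interpret the recipient.

// Strict whitelist for a recipient passed to gpg: rejects every shell
// metacharacter (; | & ` $ ( ) < > whitespace ...) before anything runs.
function isSafeRecipient(string $addr): bool
{
    // Conservative subset of RFC 5322 addresses: atoms/dots on the left,
    // a dotted domain on the right, nothing else.
    return (bool) preg_match(
        '/^[A-Za-z0-9._%+\-]+@[A-Za-z0-9\-]+(\.[A-Za-z0-9\-]+)+$/',
        $addr
    );
}

// Builds the gpg command line with each argument escaped. Returns null when
// the address fails validation so the caller refuses instead of encrypting.
function buildGpgCommand(string $recipient, string $plaintextFile): ?string
{
    if (!isSafeRecipient($recipient)) {
        // Log the rejected value for detection; do not echo it back to the shell.
        error_log('gpg encrypt refused: invalid recipient address');
        return null;
    }
    // escapeshellarg() wraps each value in single quotes and escapes embedded
    // quotes, so the shell sees one literal argument even for odd input.
    return sprintf(
        'gpg --batch --yes --armor --encrypt --recipient %s %s',
        escapeshellarg($recipient),
        escapeshellarg($plaintextFile)
    );
}

// Demonstration on constructed inputs: a normal address and one carrying
// the ";" metacharacter named in the advisory.
$cases = [
    'alice@example.org',
    'alice@example.org; echo injected',
];
foreach ($cases as $addr) {
    $cmd = buildGpgCommand($addr, '/tmp/message.txt');
    echo $addr, ' => ', $cmd ?? 'REJECTED (invalid recipient address)', PHP_EOL;
}
```

The second case is refused before any process is spawned; the first produces a command in which the address is a single quoted argument.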

* Note: This check relies solely on the version number reported by the remote SquirrelMail to assess this vulnerability, so the result may be a false positive.

* References:
http://archives.neohapsis.com/archives/bugtraq/2003-12/0323.html
http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0073.html
http://www.secunia.com/advisories/10493/

* Platforms Affected:
SquirrelMail Project Team, SquirrelMail prior to 1.4.2
Unix Any version
Linux Any version
Recommendation Upgrade to the latest version of SquirrelMail (1.4.2 or later), available from the SquirrelMail Download Web site at http://www.squirrelmail.org/download.php
Related URL CVE-2003-0990 (CVE)
Related URL 9296 (SecurityFocus)
Related URL 14079 (ISS)