| VID |
21297 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The SquirrelMail package installed on the Web server is vulnerable to multiple cross-site scripting attacks.
SquirrelMail is a webmail package written in PHP. SquirrelMail versions 1.4.2 and earlier could allow for local root access and remote cross-site scripting attacks. Specially, SquirrelMail version 1.4.2 contains a cross-site scripting vulnerability in 'compose.php' script.
Various local exploits could allow a local attacker to overflow a buffer and execute arbitrary code on the system with root privileges, and various cross-site scripting flaws could also allow a remote attacker to steal cookie-based authentication credentials.
* Note: This check solely relied on the version number of the remote SquirrelMail to assess this vulnerability, so this might be a false positive.
* References:
http://archives.neohapsis.com/archives/bugtraq/2004-04/0363.html
http://archives.neohapsis.com/archives/bugtraq/2004-04/0354.html
http://packetstormsecurity.nl/0404-exploits/0x3142-sq-chpasswd.c
http://packetstormsecurity.nl/0405-exploits/sq-chpass-exp.c
* Platforms Affected:
SquirrelMail Project Team, SquirrelMail 1.4.2 and earlier
Unix Any version
Linux Any version |
| Recommendation |
Upgrade to the latest version of SquirrelMail (1.4.3 or later), when it becomes available from the SquirrelMail Download Web site at http://www.squirrelmail.org/download.php |
| Related URL |
CVE-2004-0524,CVE-2004-0519 (CVE) |
| Related URL |
10166,10246 (SecurityFocus) |
| Related URL |
15889,16025 (ISS) |
|
