| Field | Value |
|---|---|
| VID | 21338 |
| Severity | 40 |
| Port | 80, ... |
| Protocol | TCP |
| Class | CGI |

Detailed Description

The SquirrelMail package installed on the Web server has multiple vulnerabilities, according to its version number. SquirrelMail is a Web mail system written in PHP4. SquirrelMail versions prior to 1.4.3 are vulnerable to the following:

- Folder Name Cross-Site Scripting Vulnerability (CAN-2004-0519)
- Email Header HTML Injection Vulnerability (CAN-2004-0520)
- SQL Injection Vulnerability (CAN-2004-0521)

These issues are caused by a failure of the application to properly sanitize user-supplied input data. A remote attacker could use these vulnerabilities to add, modify or delete user information in the backend database, or to steal the session cookie.

Note: This check relies solely on the version number reported by the remote SquirrelMail to assess this vulnerability, so it may be a false positive.

References:

- http://www.osvdb.org/displayvuln.php?osvdb_id=8292
- http://marc.theaimsgroup.com/?l=bugtraq&m=108334862800260
- http://marc.theaimsgroup.com/?l=bugtraq&m=108611554415078&w=2
- http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt
- http://marc.theaimsgroup.com/?l=squirrelmail-cvs&m=108532891231712
- http://marc.theaimsgroup.com/?l=squirrelmail-cvs&m=108309375029888

Platforms Affected:

- SquirrelMail Project Team, SquirrelMail prior to 1.4.3
- SquirrelMail Project Team, SquirrelMail 1.5.0, 1.5.1 development version
- Unix, any version
- Linux, any version

Recommendation

Upgrade to the latest version of SquirrelMail (1.4.3 or later), available from the SquirrelMail download web site at http://www.squirrelmail.org/download.php

| Related URL | Value |
|---|---|
| CVE | CVE-2004-0519, CVE-2004-0520, CVE-2004-0521 |
| SecurityFocus | 10246, 10397, 10439 |
| ISS | 16025, 16285, 16235 |