Summary
Detail | Value | Detail | Value |
---|---|---|---|
Vendor | Squirrelmail | First view | 2006-06-06 |
Product | Squirrelmail | Last view | 2019-07-01 |
Version | 1.4.5 | Type | Application |
Update | rc1 | | |
Edition | * | | |
Language | * | | |
Software Edition | * | | |
Target Software | * | | |
Target Hardware | * | | |
Other | * | | |
CPE Product | cpe:2.3:a:squirrelmail:squirrelmail | | |
Activity : Overall
Related : CVE
Score | Date | Alert | Description |
---|---|---|---|
6.1 | 2019-07-01 | CVE-2019-12970 | XSS was discovered in SquirrelMail through 1.4.22 and 1.5.x through 1.5.2. Due to improper handling of RCDATA and RAWTEXT type elements, the built-in sanitization mechanism can be bypassed. Malicious script content from HTML e-mail can be executed within the application context via crafted use of (for example) a NOEMBED, NOFRAMES, NOSCRIPT, or TEXTAREA element. |
6.1 | 2018-08-05 | CVE-2018-14955 | The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute). |
6.1 | 2018-08-05 | CVE-2018-14954 | The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute. |
6.1 | 2018-08-05 | CVE-2018-14953 | The mail message display page in SquirrelMail through 1.4.22 has XSS via a " |
6.1 | 2018-08-05 | CVE-2018-14952 | The mail message display page in SquirrelMail through 1.4.22 has XSS via a " |
6.1 | 2018-08-05 | CVE-2018-14951 | The mail message display page in SquirrelMail through 1.4.22 has XSS via a " |
5.8 | 2009-05-14 | CVE-2009-1580 | Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web sessions via a crafted cookie. |
6.8 | 2009-05-14 | CVE-2009-1579 | The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. |
4.3 | 2009-05-14 | CVE-2009-1578 | Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.4.18 and NaSMail before 1.7 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to contrib/decrypt_headers.php; (2) PHP_SELF; and (3) the query string (aka QUERY_STRING). |
4.3 | 2008-12-04 | CVE-2008-2379 | Cross-site scripting (XSS) vulnerability in SquirrelMail before 1.4.17 allows remote attackers to inject arbitrary web script or HTML via a crafted hyperlink in an HTML part of an e-mail message. |
7.5 | 2007-05-13 | CVE-2007-2631 | Cross-site request forgery (CSRF) vulnerability in SquirrelMail 1.4.8-4.fc6 and earlier allows remote attackers to perform unspecified actions as arbitrary users via unspecified vectors. NOTE: this issue might overlap CVE-2007-2589 or CVE-2002-1648. |
2.6 | 2006-06-22 | CVE-2006-3174 | Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter. |
7.5 | 2006-06-06 | CVE-2006-2842 | PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by third parties, who state that Squirrelmail provides prominent warnings to the administrator when register_globals is enabled. Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE. However, the original developer has posted a security advisory, so there might be relevant real-world environments under which this vulnerability is applicable. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
63% (12) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
10% (2) | CWE-352 | Cross-Site Request Forgery (CSRF) |
10% (2) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
5% (1) | CWE-399 | Resource Management Errors |
5% (1) | CWE-287 | Improper Authentication |
5% (1) | CWE-20 | Improper Input Validation |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
74089 | SquirrelMail Spellchecking Plugin > Character XSS |
74088 | SquirrelMail options_order Page XSS |
74087 | SquirrelMail Multiple Password Disclosure CSRF |
74086 | SquirrelMail Preference Value Manipulation CRLF Injection |
74085 | SquirrelMail functions/mime.php Email Message STYLE Tag XSS |
74084 | SquirrelMail functions/options.php Drop-Down Selection List XSS |
74083 | SquirrelMail functions/page_header.php Page Frame Rendering Clickjacking Weak... |
67245 | Squirrelmail Login Page functions/imap_general.php 8-bit Character Password D... |
65696 | SquirrelMail Mail Fetch Plugin Modified POP3 Port Number Access Restriction B... |
57001 | SquirrelMail Multiple Form Pages CSRF |
54508 | SquirrelMail E-mail Crafted CSS Positioning XSS |
54507 | SquirrelMail Login Function Unspecified Session Fixation |
54506 | SquirrelMail Example map_yp_alias Username Mapping Alias Unspecified Arbitrar... |
54505 | SquirrelMail contrib/decrypt_headers.php Unspecified XSS |
54504 | SquirrelMail Crafted Link Multiple Unspecified XSS |
50460 | SquirrelMail Crafted Email HTML Hyperlink XSS |
35890 | SquirrelMail Unspecified CSRF |
26610 | SquirrelMail search.php mailbox Parameter XSS |
25973 | SquirrelMail functions/plugin.php plugins[] Parameter Local File Inclusion |
OpenVAS Exploits
Date | Name | File |
---|---|---|
2012-07-30 | CentOS Update for squirrelmail CESA-2012:0103 centos5 | nvt/gb_CESA-2012_0103_squirrelmail_centos5.nasl |
2012-07-30 | CentOS Update for squirrelmail CESA-2012:0103 centos4 | nvt/gb_CESA-2012_0103_squirrelmail_centos4.nasl |
2012-02-13 | RedHat Update for squirrelmail RHSA-2012:0103-01 | nvt/gb_RHSA-2012_0103-01_squirrelmail.nasl |
2012-02-06 | Mac OS X Multiple Vulnerabilities (2012-001) | nvt/gb_macosx_su12-001.nasl |
2011-09-21 | Debian Security Advisory DSA 2291-1 (squirrelmail) | nvt/deb_2291_1.nasl |
2011-08-18 | Mandriva Update for squirrelmail MDVSA-2011:123 (squirrelmail) | nvt/gb_mandriva_MDVSA_2011_123.nasl |
2011-08-09 | CentOS Update for squirrelmail CESA-2009:1490 centos3 i386 | nvt/gb_CESA-2009_1490_squirrelmail_centos3_i386.nasl |
2011-08-09 | CentOS Update for squirrelmail CESA-2009:1066 centos5 i386 | nvt/gb_CESA-2009_1066_squirrelmail_centos5_i386.nasl |
2011-08-09 | CentOS Update for squirrelmail CESA-2009:1066 centos3 i386 | nvt/gb_CESA-2009_1066_squirrelmail_centos3_i386.nasl |
2011-08-09 | CentOS Update for squirrelmail CESA-2009:0010 centos5 i386 | nvt/gb_CESA-2009_0010_squirrelmail_centos5_i386.nasl |
2011-08-09 | CentOS Update for squirrelmail CESA-2009:0010 centos4 i386 | nvt/gb_CESA-2009_0010_squirrelmail_centos4_i386.nasl |
2011-08-09 | CentOS Update for squirrelmail CESA-2009:0010 centos3 i386 | nvt/gb_CESA-2009_0010_squirrelmail_centos3_i386.nasl |
2011-08-09 | CentOS Update for squirrelmail CESA-2009:1490 centos4 i386 | nvt/gb_CESA-2009_1490_squirrelmail_centos4_i386.nasl |
2011-07-27 | Fedora Update for squirrelmail FEDORA-2011-9309 | nvt/gb_fedora_2011_9309_squirrelmail_fc14.nasl |
2011-07-27 | Fedora Update for squirrelmail FEDORA-2011-9311 | nvt/gb_fedora_2011_9311_squirrelmail_fc15.nasl |
2010-08-30 | Mandriva Update for squirrelmail MDVSA-2010:158 (squirrelmail) | nvt/gb_mandriva_MDVSA_2010_158.nasl |
2010-08-21 | Debian Security Advisory DSA 2091-1 (squirrelmail) | nvt/deb_2091_1.nasl |
2010-08-13 | SquirrelMail Remote Denial of Service Vulnerability | nvt/gb_SquirrelMail_42399.nasl |
2010-08-13 | Fedora Update for squirrelmail FEDORA-2010-11422 | nvt/gb_fedora_2010_11422_squirrelmail_fc13.nasl |
2010-08-13 | Fedora Update for squirrelmail FEDORA-2010-11410 | nvt/gb_fedora_2010_11410_squirrelmail_fc12.nasl |
2010-06-25 | Fedora Update for squirrelmail FEDORA-2010-10264 | nvt/gb_fedora_2010_10264_squirrelmail_fc11.nasl |
2010-06-25 | Fedora Update for squirrelmail FEDORA-2010-10244 | nvt/gb_fedora_2010_10244_squirrelmail_fc12.nasl |
2010-06-25 | Fedora Update for squirrelmail FEDORA-2010-10259 | nvt/gb_fedora_2010_10259_squirrelmail_fc13.nasl |
2010-06-25 | Mandriva Update for squirrelmail MDVSA-2010:120 (squirrelmail) | nvt/gb_mandriva_MDVSA_2010_120.nasl |
2010-06-22 | SquirrelMail 'mail_fetch' Remote Information Disclosure Vulnerability | nvt/gb_SquirrelMail_40291.nasl |
Snort® IPS/IDS
Date | Name | Rule ID | Type | Revision |
---|---|---|---|---|
2017-11-30 | SquirrelMail directory traversal attempt | 44697 | MALWARE-CNC | 2 |
Nessus® Vulnerability Scanner
Date | Name | File | Type |
---|---|---|---|
2013-07-12 | The remote Oracle Linux host is missing a security update. | oraclelinux_ELSA-2009-0010.nasl | ACT_GATHER_INFO |
2013-07-12 | The remote Oracle Linux host is missing a security update. | oraclelinux_ELSA-2009-0057.nasl | ACT_GATHER_INFO |
2013-07-12 | The remote Oracle Linux host is missing a security update. | oraclelinux_ELSA-2009-1066.nasl | ACT_GATHER_INFO |
2013-07-12 | The remote Oracle Linux host is missing a security update. | oraclelinux_ELSA-2013-0126.nasl | ACT_GATHER_INFO |
2013-07-12 | The remote Oracle Linux host is missing a security update. | oraclelinux_ELSA-2012-0103.nasl | ACT_GATHER_INFO |
2013-07-12 | The remote Oracle Linux host is missing a security update. | oraclelinux_ELSA-2009-1490.nasl | ACT_GATHER_INFO |
2013-01-17 | The remote CentOS host is missing a security update. | centos_RHSA-2013-0126.nasl | ACT_GATHER_INFO |
2013-01-17 | The remote Scientific Linux host is missing a security update. | sl_20130108_squirrelmail_on_SL5_x.nasl | ACT_GATHER_INFO |
2013-01-08 | The remote Red Hat host is missing a security update. | redhat-RHSA-2013-0126.nasl | ACT_GATHER_INFO |
2012-08-01 | The remote Scientific Linux host is missing a security update. | sl_20090112_squirrelmail_on_SL3_x.nasl | ACT_GATHER_INFO |
2012-08-01 | The remote Scientific Linux host is missing a security update. | sl_20090526_squirrelmail_on_SL3_x.nasl | ACT_GATHER_INFO |
2012-08-01 | The remote Scientific Linux host is missing a security update. | sl_20091008_squirrelmail_on_SL3_x.nasl | ACT_GATHER_INFO |
2012-08-01 | The remote Scientific Linux host is missing a security update. | sl_20120208_squirrelmail_on_SL4_x.nasl | ACT_GATHER_INFO |
2012-02-09 | The remote CentOS host is missing a security update. | centos_RHSA-2012-0103.nasl | ACT_GATHER_INFO |
2012-02-09 | The remote Red Hat host is missing a security update. | redhat-RHSA-2012-0103.nasl | ACT_GATHER_INFO |
2012-02-02 | The remote host is missing a Mac OS X update that fixes multiple security vul... | macosx_SecUpd2012-001.nasl | ACT_GATHER_INFO |
2011-08-09 | The remote Debian host is missing a security-related update. | debian_DSA-2291.nasl | ACT_GATHER_INFO |
2011-07-25 | The remote Fedora host is missing a security update. | fedora_2011-9309.nasl | ACT_GATHER_INFO |
2011-07-25 | The remote Fedora host is missing a security update. | fedora_2011-9311.nasl | ACT_GATHER_INFO |
2010-08-17 | The remote Debian host is missing a security-related update. | debian_DSA-2091.nasl | ACT_GATHER_INFO |
2010-08-12 | The remote Fedora host is missing a security update. | fedora_2010-11422.nasl | ACT_GATHER_INFO |
2010-08-12 | The remote Fedora host is missing a security update. | fedora_2010-11410.nasl | ACT_GATHER_INFO |
2010-07-01 | The remote Fedora host is missing a security update. | fedora_2010-10264.nasl | ACT_GATHER_INFO |
2010-07-01 | The remote Fedora host is missing a security update. | fedora_2010-10244.nasl | ACT_GATHER_INFO |
2010-07-01 | The remote Fedora host is missing a security update. | fedora_2010-10259.nasl | ACT_GATHER_INFO |