Executive Summary
| Summary | |
|---|---|
| Title | squirrelmail security update |
| Informations | |||
|---|---|---|---|
| Name | RHSA-2005:099 | First vendor Publication | 2005-02-15 |
| Vendor | RedHat | Last vendor Modification | 2005-02-15 |
| Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Problem Description: An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - noarch Red Hat Enterprise Linux Desktop version 4 - noarch Red Hat Enterprise Linux ES version 4 - noarch Red Hat Enterprise Linux WS version 4 - noarch 3. Problem description: SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner discovered a missing variable initialization in Squirrelmail. This flaw could allow potential insecure file inclusions on servers where the PHP setting "register_globals" is set to "On". This is not a default or recommended setting. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0075 to this issue. A URL sanitisation bug was found in Squirrelmail. This flaw could allow a cross site scripting attack when loading the URL for the sidebar. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0103 to this issue. A missing variable initialization bug was found in Squirrelmail. This flaw could allow a cross site scripting attack. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0104 to this issue. Users of Squirrelmail are advised to upgrade to this updated package, which contains backported patches to correct these issues. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command: up2date For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system: http://www.redhat.com/docs/manuals/enterprise/ 5. Bug IDs fixed (http://bugzilla.redhat.com/): 145387 - CAN-2005-0075 Arbitrary code injection in Squirrelmail 145967 - CAN-2005-0103 Multiple issues in squirrelmail (CAN-2005-0104) |
Original Source
| Url : https://rhn.redhat.com/errata/RHSA-2005-099.html |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:10568 | |||
| Oval ID: | oval:org.mitre.oval:def:10568 | ||
| Title: | Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via certain integer variables. | ||
| Description: | Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via certain integer variables. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2005-0104 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:10670 | |||
| Oval ID: | oval:org.mitre.oval:def:10670 | ||
| Title: | PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code. | ||
| Description: | PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2005-0103 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:9587 | |||
| Oval ID: | oval:org.mitre.oval:def:9587 | ||
| Title: | prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers. | ||
| Description: | prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2005-0075 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2008-09-24 | Name : Gentoo Security Advisory GLSA 200501-39 (SquirrelMail) File : nvt/glsa_200501_39.nasl |
| 2008-09-04 | Name : FreeBSD Ports: squirrelmail, ja-squirrelmail File : nvt/freebsd_squirrelmail.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 662-1 (squirrelmail) File : nvt/deb_662_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 662-2 (squirrelmail) File : nvt/deb_662_2.nasl |
| 2005-11-03 | Name : SquirrelMail < 1.4.4 XSS Vulnerabilities File : nvt/squirrelmail_144.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 13147 | SquirrelMail prefs.php Local File Inclusion |
| 13146 | SquirrelMail Frameset Arbitrary HTML Inclusion |
| 13145 | SquirrelMail webmail.php XSS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2005-09-12 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-260.nasl - Type : ACT_GATHER_INFO |
| 2005-07-13 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_79630c0c8dcc45d099084087fe1d618c.nasl - Type : ACT_GATHER_INFO |
| 2005-05-19 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-259.nasl - Type : ACT_GATHER_INFO |
| 2005-02-22 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-099.nasl - Type : ACT_GATHER_INFO |
| 2005-02-14 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200501-39.nasl - Type : ACT_GATHER_INFO |
| 2005-02-10 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2005-135.nasl - Type : ACT_GATHER_INFO |
| 2005-02-02 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-662.nasl - Type : ACT_GATHER_INFO |
| 2005-01-24 | Name : The remote host has a PHP script that is affected by multiple vulnerabilities. File : squirrelmail_144.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:49:00 |
|
