Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > January 2005 > Three vulnerabilities in SquirrelMail

January 2005

Three vulnerabilities in SquirrelMail

ID: 00064
Ref: 56/2005
Date: 25 January 2005:14:39:22
Version: 1
Title: Three vulnerabilities in SquirrelMail
Abstract: An input validation error in webmail.php allows a remote attacker to perform a cross-site scripting attack, executing arbitrary script code in a user's browser in the context of the SquirrelMail site.
Vendors affected: Sourceforge
Operating systems affected: Sourceforge
Applications affected: Sourceforge
Title
=====

Three vulnerabilities in SquirrelMail

Detail
======

An input validation error in webmail.php allows a remote attacker to perform a cross-site scripting attack, executing arbitrary script code in a user's browser in the context of the SquirrelMail site.



- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================


ESB-2005.0075 -- Three vulnerabilities in SquirrelMail
25 January 2005

===========================================================================



Product: SquirrelMail 1.4.4-RC1 and prior
Operating System: UNIX variants
Linux variants
Windows
Impact: Execute Arbitrary Code/Commands
Access: Remote/Unauthenticated


PROBLEMS:

1. An input validation error in webmail.php allows a remote attacker to
perform a cross-site scripting attack, executing arbitrary script
code in a user's browser in the context of the SquirrelMail site.


2. Incorrect input validation in webmail.php allows an attacker to
display arbitrary remote web pages in SquirrelMail's frameset.


3. Incorrect input validation in prefs.php allows an attacker to
include any code from the local system into the SquirrelMail code.

Squirrelmail is only vulnerable to this third vulnerability
if register_globals is set to On, which is not the default.


MITIGATION:

SquirrelMail 1.4.4 has been released fixing these three vulnerabilities.


REFERENCES:

The original SquirrelMail announcement is available at:
http://sourceforge.net/mailarchive/forum.php?thread_id=6403518&forum_id=1988


iQCVAwUBQfWc7Sh9+71yA2DNAQLxJAP/U/fpugOmc/3IC0ASWDUsjsbdEpgbEa9R
0OXYMGlGu6PevbpyNMCvtQ0aZVCM6EUxUdZw/vOIPVlqcOdsPLQbcDc6CSB4Kjzu
7Gh3rThiJl88egJV/6UzxmIST4Y36fNcWxNdubGAo4PLg/nmF8MPfbibvSZOqp06
9IeyDSV6lSM=
=/fnT
- -----END PGP SIGNATURE-----
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |