SquirrelMail compose.php script does not adequately validate input thereby allowing arbitrary user to send messages

2002-05-30T00:00:00
ID VU:153043
Type cert
Reporter CERT
Modified 2007-05-10T17:06:00

Description

Overview

Some versions of SquirrelMail do not properly validate input. Attackers can spoof email addresses through this vulnerability.

Description

SquirrelMail is a collection of PHP4 scripts that provides webmail services. Prior to version 1.24, SquirrelMail does not properly validate Universal Resource Identifiers (URI's) and JavaScript code embedded in HTML tags within an email message. These tags are sent by SquirrelMail to the user's web browser, which could make the browser request the embedded URI's or execute the JavaScript code.


Impact

An attacker could craft an email message to a SquirrelMail user which, when read by the user, could automatically send email from the user's account to any address of the attacker's choice. This vulnerability could also be used in a cross-site scripting attack to hijack an authenticated user's session.


Solution

Upgrade SquirrelMail to version 1.2.4 or later, available from:

<http://www.squirrelmail.org/download.php>


Vendor Information

153043

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Vendor has issued information

__ Sort by: Status Alphabetical

Expand all

Affected Unknown __ Unaffected

Javascript is disabled. Click here to view vendors.

SquirrelMail Project Team

Notified: January 28, 2002 Updated: May 30, 2002

Status

__ Vulnerable

Vendor Statement

"SquirrelMail 1.2.4 is the release that fixed the problem."

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Upgrade SquirrelMail to version 1.2.4 or later, available from

<http://www.squirrelmail.org/download.php>

If you have feedback, comments, or additional information about this vulnerability, please send us email.

CVSS Metrics

Group | Score | Vector
---|---|---
Base | N/A | N/A
Temporal | N/A | N/A
Environmental | | N/A

References

  • <http://www.securityfocus.com/bid/3956>
  • <http://xforce.iss.net/xforce/xfdb/7989>
  • <http://www.squirrelmail.org/>

Credit

Thanks to Tom McAdam for reporting this vulnerability.

This document was written by Shawn Van Ittersum.

Other Information

CVE IDs: | CVE-2002-1648
---|---
Severity Metric:** | 1.07
Date Public:
| 2002-01-24
Date First Published: | 2002-05-30
Date Last Updated: | 2007-05-10 17:06 UTC
Document Revision: | 12