Lucene search
Tenable5037.PRMHistoryAug 18, 2004 - 12:00 a.m.
SquirrelMail < 1.4.18 Multiple Vulnerabilities
2004-08-1800:00:00
Tenable
www.tenable.com
11
The remote host is running SquirrelMail, a web-based email client. The installed version of SquirrelMail is affected by multiple vulnerabilities :
-
Multiple cross-site scripting vulnerabilities.
-
A code-injection vulnerability affects the βmap_yp_aliasβ function which an attacker could exploit to execute arbitrary code subject to the privileges of the web server.
-
Multiple session-fixation issues could allow an attacker to steal an unsuspecting userβs session.
Binary data 5037.prm| Vendor | Product | Version | CPE |
|---|---|---|---|
| squirrelmail | squirrelmail | cpe:/a:squirrelmail:squirrelmail |