SquirrelMail, a webmail application, does not employ a user-specific token for webforms, which allows a remote attacker to perform a Cross-Site Request Forgery (CSRF) attack (CVE-2009-2964). By tricking a victim into following a link controlled by the attacker, the attacker may hijack the authentication of unspecified victims and, among other actions, send messages or change user preferences.
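In addition, a denial-of-service issue was fixed, which could be triggered when a password containing 8-bit characters was used to log in (CVE-2010-2813). For the Debian stable distribution (lenny, 5.0), both problems are fixed in squirrelmail version 1.4.15-4+lenny3.1.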
{"id": "DEBIAN_DSA-2091.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "Debian DSA-2091-1 : squirrelmail - No user-specific token implemented", "description": "SquirrelMail, a webmail application, does not employ a user-specific token for webforms. This allows a remote attacker to perform a Cross Site Request Forgery (CSRF) attack. The attacker may hijack the authentication of unspecified victims and send messages or change user preferences among other actions, by tricking the victim into following a link controlled by the offender.\n\nIn addition, a denial-of-service was fixed, which could be triggered when a password containing 8-bit characters was used to log in (CVE-2010-2813 ).", "published": "2010-08-17T00:00:00", "modified": "2021-01-04T00:00:00", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/48344", "reporter": "This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.", "references": ["https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543818", "https://www.debian.org/security/2010/dsa-2091", "https://security-tracker.debian.org/tracker/CVE-2010-2813", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2813", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2964"], "cvelist": ["CVE-2009-2964", "CVE-2010-2813"], "immutableFields": [], "lastseen": "2021-08-19T13:03:20", "viewCount": 11, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2009:1490", "CESA-2012:0103", "CESA-2013:0126"]}, {"type": "cve", "idList": ["CVE-2009-2964", "CVE-2010-2813", "CVE-2012-2124"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2091-1:23614"]}, {"type": "fedora", "idList": ["FEDORA:1D01A11130D", "FEDORA:D55C11113FA"]}, {"type": "jvn", "idList": ["JVN:30881447"]}, {"type": "nessus", "idList": ["5147.PRM", "5571.PRM", "5629.PRM", "800793.PRM", "CENTOS_RHSA-2009-1490.NASL", "CENTOS_RHSA-2012-0103.NASL", "CENTOS_RHSA-2013-0126.NASL", "FEDORA_2009-8797.NASL", "FEDORA_2009-8822.NASL", "FEDORA_2010-11410.NASL", "FEDORA_2010-11422.NASL", "MACOSX_10_6_4.NASL", "MACOSX_SECUPD2010-004.NASL", "MACOSX_SECUPD2012-001.NASL", "ORACLELINUX_ELSA-2009-1490.NASL", "ORACLELINUX_ELSA-2012-0103.NASL", "ORACLELINUX_ELSA-2013-0126.NASL", "REDHAT-RHSA-2009-1490.NASL", "REDHAT-RHSA-2012-0103.NASL", "REDHAT-RHSA-2013-0126.NASL", "SL_20091008_SQUIRRELMAIL_ON_SL3_X.NASL", "SL_20120208_SQUIRRELMAIL_ON_SL4_X.NASL", "SL_20130108_SQUIRRELMAIL_ON_SL5_X.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310100759", "OPENVAS:1361412562310122428", "OPENVAS:1361412562310123994", "OPENVAS:136141256231064694", "OPENVAS:136141256231064722", "OPENVAS:136141256231065731", "OPENVAS:136141256231065756", "OPENVAS:136141256231067845", "OPENVAS:1361412562310802392", "OPENVAS:1361412562310810929", "OPENVAS:1361412562310831136", "OPENVAS:1361412562310862307", "OPENVAS:1361412562310862309", "OPENVAS:1361412562310870543", 
"OPENVAS:1361412562310870880", "OPENVAS:1361412562310880729", "OPENVAS:1361412562310880918", "OPENVAS:1361412562310881223", "OPENVAS:1361412562310881232", "OPENVAS:1361412562310881572", "OPENVAS:1361412562310900830", "OPENVAS:64694", "OPENVAS:64722", "OPENVAS:65731", "OPENVAS:65756", "OPENVAS:67845", "OPENVAS:802392", "OPENVAS:831136", "OPENVAS:862307", "OPENVAS:862309", "OPENVAS:870543", "OPENVAS:870880", "OPENVAS:880729", "OPENVAS:880918", "OPENVAS:881223", "OPENVAS:881232", "OPENVAS:881572"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1490", "ELSA-2012-0103", "ELSA-2013-0126"]}, {"type": "osv", "idList": ["OSV:DSA-2091-1"]}, {"type": "redhat", "idList": ["RHSA-2009:1490", "RHSA-2012:0103", "RHSA-2013:0126"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:22395", "SECURITYVULNS:DOC:24526", "SECURITYVULNS:DOC:27600", "SECURITYVULNS:VULN:10192", "SECURITYVULNS:VULN:11070", "SECURITYVULNS:VULN:12164"]}, {"type": "seebug", "idList": ["SSV:12149"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-2964", "UB:CVE-2010-2813", "UB:CVE-2012-2124"]}, {"type": "veracode", "idList": ["VERACODE:23891", "VERACODE:24825"]}]}, "score": {"value": -0.0, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2009:1490", "CESA-2012:0103", "CESA-2013:0126"]}, {"type": "cve", "idList": ["CVE-2009-2964"]}, {"type": "fedora", "idList": ["FEDORA:D55C11113FA"]}, {"type": "jvn", "idList": ["JVN:30881447"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/CENTOS_LINUX-CVE-2010-2813/"]}, {"type": "nessus", "idList": ["FEDORA_2009-8797.NASL", "MACOSX_10_6_4.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:65731"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-1490", "ELSA-2012-0103", "ELSA-2013-0126"]}, {"type": "redhat", "idList": ["RHSA-2009:1490", "RHSA-2013:0126"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10192"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-2964"]}]}, "exploitation": null, "vulnersScore": -0.0}, "pluginID": 
"48344", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2091. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48344);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-2964\", \"CVE-2010-2813\");\n script_bugtraq_id(36196, 42399);\n script_xref(name:\"DSA\", value:\"2091\");\n\n script_name(english:\"Debian DSA-2091-1 : squirrelmail - No user-specific token implemented\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SquirrelMail, a webmail application, does not employ a user-specific\ntoken for webforms. This allows a remote attacker to perform a Cross\nSite Request Forgery (CSRF) attack. 
The attacker may hijack the\nauthentication of unspecified victims and send messages or change user\npreferences among other actions, by tricking the victim into following\na link controlled by the offender.\n\nIn addition, a denial-of-service was fixed, which could be triggered\nwhen a password containing 8-bit characters was used to log in\n(CVE-2010-2813 ).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=543818\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2010-2813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2010/dsa-2091\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the squirrelmail packages.\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.4.15-4+lenny3.1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"squirrelmail\", reference:\"1.4.15-4+lenny3.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "Debian Local Security Checks", "cpe": ["p-cpe:/a:debian:debian_linux:squirrelmail", "cpe:/o:debian:debian_linux:5.0"], "solution": "Upgrade the squirrelmail packages.\n\nFor the stable distribution (lenny), these problems have been fixed in version 1.4.15-4+lenny3.1.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2010-08-12T00:00:00", "vulnerabilityPublicationDate": null, "exploitableWith": [], "_state": {"dependencies": 1660004461, "score": 1659823045}, "_internal": {"score_hash": "051da6e9d5be777603c97030f846363c"}}
{"securityvulns": [{"lastseen": "2018-08-31T11:10:36", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2091-1 security@debian.org\r\nhttp://www.debian.org/security/ Luciano Bello\r\nAugust 12, 2010 http://www.debian.org/security/faq\r\n- ------------------------------------------------------------------------\r\n\r\nPackage : squirrelmail\r\nVulnerability : No user-specific token implemented\r\nProblem type : remote\r\nDebian-specific: no\r\nDebian bug : 543818\r\nCVE ID : CVE-2009-2964 CVE-2010-2813\r\n\r\nSquirrelMail, a webmail application, does not employ a user-specific token \r\nfor webforms. This allows a remote attacker to perform a Cross Site Request \r\nForgery (CSRF) attack. The attacker may hijack the authentication of \r\nunspecified victims and send messages or change user preferences among other \r\nactions, by tricking the victim into following a link controled by the \r\noffender.\r\n\r\nIn addition, a denial-of-service was fixed, which could be triggered when a \r\npasswords containing 8-bit characters was used to log in (CVE-2010-2813).\r\n\r\nFor the stable distribution (lenny), these problems have been fixed in\r\nversion 1.4.15-4+lenny3.1.\r\n\r\nFor the testing distribution (squeeze) and the unstable distribution (sid),\r\nthese problems have been fixed in version 1.4.21-1.\r\n\r\nWe recommend that you upgrade your squirrelmail packages.\r\n\r\n\r\nUpgrade instructions\r\n- --------------------\r\n\r\nwget url\r\n will fetch the file for you\r\ndpkg -i file.deb\r\n will install the referenced file.\r\n\r\nIf you are using the apt-get package manager, use the line for\r\nsources.list as given below:\r\n\r\napt-get update\r\n will update the internal database\r\napt-get upgrade\r\n will install corrected packages\r\n\r\nYou may use an automated update by adding the resources from the\r\nfooter to the proper 
configuration.\r\n\r\n\r\nDebian GNU/Linux 5.0 alias lenny\r\n- --------------------------------\r\n\r\nSource archives:\r\n\r\n http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.15-4+lenny3.1.diff.gz\r\n Size/MD5 checksum: 34647 2251562662703a0d8e4f0de309ca60a6\r\n http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.15.orig.tar.gz\r\n Size/MD5 checksum: 621320 87b466fef98e770307afffd75fe25589\r\n http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.15-4+lenny3.1.dsc\r\n Size/MD5 checksum: 1240 a4e2ab21379259946f02a1d30831fe6d\r\n\r\nArchitecture independent packages:\r\n\r\n http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.15-4+lenny3.1_all.deb\r\n Size/MD5 checksum: 615152 d08549fd86ffec2ae16b36e358f50cd6\r\n\r\n\r\n These files will probably be moved into the stable distribution on\r\n its next update.\r\n\r\n- ---------------------------------------------------------------------------------\r\nFor apt-get: deb http://security.debian.org/ stable/updates main\r\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\r\nMailing list: debian-security-announce@lists.debian.org\r\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJMZFbAAAoJEOxfUAG2iX57E9wH/2R7hpqY9l0OTtMT+TpEP6ld\r\nSWMx1rhE+Vf8nss3AKSx88uAn0szgS0zyVdBuGbksFsKDsLLAyreajwyqyNqYWdf\r\n+saBoZHbOXsE3xQUp1ceHJQ5LO3hPl8e7PlSfb91TVX0PTwjAbflIICGXNXjsT3j\r\n2gQRUWI8VtIbKNaTh0erSS2tU0CHdcWxcVjCmPLJxrDZ5jy9vTgiyc2secI6PLLQ\r\nuXpTBTC4ORRcui1L464cDb0a0xdX9s3qBu5PGydYwGyCMXsf4Vs8atejBUIK/XZq\r\n2aLNcAQuwNHttZtlRuig8LLmavpVEvDXErlFhETOd6UFCz5sVq9yfrMMT3ECli0=\r\n=9dTP\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2010-08-14T00:00:00", "title": "[SECURITY] [DSA 2091-1] New squirrelmail packages fix cross-site request forgery", "type": 
"securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2009-2964"], "modified": "2010-08-14T00:00:00", "id": "SECURITYVULNS:DOC:24526", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:24526", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:06:57", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 2, "cvss3": {}, "published": "2010-08-14T00:00:00", "title": "Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2010-2540", "CVE-2010-2539", "CVE-2010-2813", "CVE-2009-2964"], "modified": "2010-08-14T00:00:00", "id": "SECURITYVULNS:VULN:11070", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11070", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T19:13:20", "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.\r\nPostNuke: SQL injection.", "edition": 2, "cvss3": {}, "published": "2009-08-31T00:00:00", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2009-08-31T00:00:00", "id": "SECURITYVULNS:VULN:10192", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10192", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:31", "description": "\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n _______________________________________________________________________\r\n\r\n Mandriva Linux Security Advisory MDVSA-2009:222\r\n http://www.mandriva.com/security/\r\n 
_______________________________________________________________________\r\n\r\n Package : squirrelmail\r\n Date : August 28, 2009\r\n Affected: Corporate 4.0, Enterprise Server 5.0\r\n _______________________________________________________________________\r\n\r\n Problem Description:\r\n\r\n A vulnerability has been found and corrected in squirrelmail:\r\n \r\n All form submissions (send message, change preferences, etc.) in\r\n SquirrelMail were previously subject to cross-site request forgery\r\n (CSRF), wherein data could be sent to them from an offsite location,\r\n which could allow an attacker to inject malicious content into\r\n user preferences or possibly send emails without user consent\r\n (CVE-2009-2964).\r\n \r\n This update provides a solution to this vulnerability.\r\n _______________________________________________________________________\r\n\r\n References:\r\n\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2964\r\n _______________________________________________________________________\r\n\r\n Updated Packages:\r\n\r\n Corporate 4.0:\r\n 07853523b82616b74a6e91f43a5226b1 corporate/4.0/i586/squirrelmail-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 4915ce21d899fffd164fef01a25109ad corporate/4.0/i586/squirrelmail-ar-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 66389c88b45e197a16dfde699a6670e0 corporate/4.0/i586/squirrelmail-bg-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n a1b44ba9f413b10c78e97624eb831e7c corporate/4.0/i586/squirrelmail-bn-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 1c3550b3ccc9d5ea7fd64e2569aafb3d corporate/4.0/i586/squirrelmail-ca-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 2b3fa0d0a9769c1a5d5f96d942461fa5 corporate/4.0/i586/squirrelmail-cs-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 7d19c60ff9c5b975eb2e621ed3f13307 corporate/4.0/i586/squirrelmail-cy-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 316f926a7f9a3d153e32e70ec492725d corporate/4.0/i586/squirrelmail-cyrus-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 165dea8862ebef08027e177fc2f209d6 
corporate/4.0/i586/squirrelmail-da-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 64710bf14e59f8ef61222b043ce2d9f2 corporate/4.0/i586/squirrelmail-de-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n f431c724d28d9bae45f750ae6c174a99 corporate/4.0/i586/squirrelmail-el-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 336bf86cfd54661964f62d1d9aad8e1e corporate/4.0/i586/squirrelmail-en-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 00fe1d3c59887a1d2e8901e0eef645b2 corporate/4.0/i586/squirrelmail-es-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 5c701a558afc2e8c5ec7aac0c80f6134 corporate/4.0/i586/squirrelmail-et-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n e38f1abbbd4ae8333ef7bf65ae82f32e corporate/4.0/i586/squirrelmail-eu-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 96a39481fcf2da7837abd49d5e61be29 corporate/4.0/i586/squirrelmail-fa-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n cb288868fac3dcbc5804800a6414343e corporate/4.0/i586/squirrelmail-fi-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n afdde3cbc96ae9355cf9484d812e804c corporate/4.0/i586/squirrelmail-fo-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n f3b417eaed6cd5413ac7df7a47101ace corporate/4.0/i586/squirrelmail-fr-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n f304a4cd6ac38d367b75355c7bf0e3c5 corporate/4.0/i586/squirrelmail-fy-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n b9f19856b8b76aef3178ee1d0f2ea395 corporate/4.0/i586/squirrelmail-he-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 5d8968ab323f9a27e397048d6e2658a1 corporate/4.0/i586/squirrelmail-hr-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n a6ec45bd0b3ae4fe5fc132405320e065 corporate/4.0/i586/squirrelmail-hu-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n df109a32699c3e60b02a6dec2e7c066d corporate/4.0/i586/squirrelmail-id-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 1d74e07dee950c7abdf409dd32a2dd74 corporate/4.0/i586/squirrelmail-is-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n dfbb352c36ebc80809502c9252c85431 corporate/4.0/i586/squirrelmail-it-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n c5a76d5e7e2d77254519941d7ca3df14 corporate/4.0/i586/squirrelmail-ja-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 95b980baf0f4d0b82f40543d33a9f34c 
corporate/4.0/i586/squirrelmail-ka-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n ee926e9ec1ec5b42d46db129fafa0a18 corporate/4.0/i586/squirrelmail-ko-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n bb9e7d59f0e912592f8ef4ff235c749f corporate/4.0/i586/squirrelmail-lt-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n fe70dc272d2b84cbbf2304fc711bae3b corporate/4.0/i586/squirrelmail-ms-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n fd8549286b18b43223ddd27a2df91474 corporate/4.0/i586/squirrelmail-nb-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 752e2a9d66171bc1c51b8f33beebaa9b corporate/4.0/i586/squirrelmail-nl-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 05f35b4b24100fbe70980f8a79dfa12a corporate/4.0/i586/squirrelmail-nn-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 9d9d6c6d0741739c954662e491266e68 corporate/4.0/i586/squirrelmail-pl-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n b260c9c031caa0c8e65eeba9fcd80237 corporate/4.0/i586/squirrelmail-poutils-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 667ed8ff60cf841e5328d1354c5747e3 corporate/4.0/i586/squirrelmail-pt-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n ab4922a9a4abc1da80832e5b4b8d4110 corporate/4.0/i586/squirrelmail-ro-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 8c3fe5a315d2abd5191fe40ac98ab841 corporate/4.0/i586/squirrelmail-ru-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n e827011cfc5bbf20be9ff5f6d6881b3a corporate/4.0/i586/squirrelmail-sk-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n a8eb5bcc92a263d5192d6a271bcf637d corporate/4.0/i586/squirrelmail-sl-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n d9fcca8a064a56a55369c6df7ea910df corporate/4.0/i586/squirrelmail-sr-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 9504fe228b7355d79c0329650c6659a3 corporate/4.0/i586/squirrelmail-sv-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 72797303f7d8cc847f9cf99828e4f611 corporate/4.0/i586/squirrelmail-th-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 42a2b9b8e23974844e26f78b2174e3ef corporate/4.0/i586/squirrelmail-tr-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 77b745ea5fa8e9774a0492a21faf26c0 corporate/4.0/i586/squirrelmail-ug-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n f88e0a6ea5ef5af39c2e2f9cf98226f0 
corporate/4.0/i586/squirrelmail-uk-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 2e5cf7fe7c0fe2ea76c7f6fbe7210878 corporate/4.0/i586/squirrelmail-vi-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n fb698076af983dd1be11051e2f2f775e corporate/4.0/i586/squirrelmail-zh_CN-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 80bbd48d2c29f91c5956b89a0bd71cfd corporate/4.0/i586/squirrelmail-zh_TW-1.4.19-0.2.20060mlcs4.noarch.rpm \r\n 4281e6aba03bbfbb9c6ae40bf1eac438 corporate/4.0/SRPMS/squirrelmail-1.4.19-0.2.20060mlcs4.src.rpm\r\n\r\n Corporate 4.0/X86_64:\r\n f693d85506d4e23682b4997928dca4ac corporate/4.0/x86_64/squirrelmail-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n a6cbff7ef90065b7284d866b8156b3cd corporate/4.0/x86_64/squirrelmail-ar-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 99c1cfe958b0d3a41c69c94fd785c31b corporate/4.0/x86_64/squirrelmail-bg-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 4b82e374a57985228e25aeb2cdcca3b3 corporate/4.0/x86_64/squirrelmail-bn-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 9023a977f918a273dd76dcd8c0f68b92 corporate/4.0/x86_64/squirrelmail-ca-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 5050534c0892f36b34bef5eacecb42c1 corporate/4.0/x86_64/squirrelmail-cs-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 617afe6e8e4bd6c125289d3a6413f7fe corporate/4.0/x86_64/squirrelmail-cy-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 546ab69752468424598883ba20e3b1ed corporate/4.0/x86_64/squirrelmail-cyrus-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 2a047bab2f7832adcc97448f617ae1bc corporate/4.0/x86_64/squirrelmail-da-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 230ffb1561d2f1b5e3f10299ad4b7ebd corporate/4.0/x86_64/squirrelmail-de-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n f33f3c3a47a7556e96f88c6ef0d7e3a6 corporate/4.0/x86_64/squirrelmail-el-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n bc58a39731c37481da5245acfa5e910a corporate/4.0/x86_64/squirrelmail-en-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 2fe56980ef4742c8f730257492eb021c corporate/4.0/x86_64/squirrelmail-es-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 3b74703b17dcf9f842a08841e9e57269 
corporate/4.0/x86_64/squirrelmail-et-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n c1a497b87ce46a2f69fe64c3f745fbce corporate/4.0/x86_64/squirrelmail-eu-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 51749b8968fd1ea97b5fbe99ff455dc9 corporate/4.0/x86_64/squirrelmail-fa-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 806e9de93b3f7be275896b1b9a7a25fa corporate/4.0/x86_64/squirrelmail-fi-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 3f169fc3b5f305126a13960767dec3df corporate/4.0/x86_64/squirrelmail-fo-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 5131e26c149867c7ab4786288bb6b25e corporate/4.0/x86_64/squirrelmail-fr-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 1afbe3f3a813d1f2c92156312b5658ec corporate/4.0/x86_64/squirrelmail-fy-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n d6e50f588e565fe69ffecb74a9d7dd0e corporate/4.0/x86_64/squirrelmail-he-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 10057dd51976b4dd46aa0e272fc8d281 corporate/4.0/x86_64/squirrelmail-hr-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 767bf0d40efe8f06d62f121fbeab5ae3 corporate/4.0/x86_64/squirrelmail-hu-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n c7e26a4915a8993f6c1b163f7ae78b26 corporate/4.0/x86_64/squirrelmail-id-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n ead03d04f5e6b257c2ad58a1c404778a corporate/4.0/x86_64/squirrelmail-is-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 25dd4fa28ba4b6b7a0cff7fa8905a559 corporate/4.0/x86_64/squirrelmail-it-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 8bc295ac82873981c2575f17dc474c26 corporate/4.0/x86_64/squirrelmail-ja-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n bc46dadf240955b08a83e952c56bad45 corporate/4.0/x86_64/squirrelmail-ka-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n aefb9cac0ecbda40175d71026ed208bf corporate/4.0/x86_64/squirrelmail-ko-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 80088f747abe1f7db959a70611d9efab corporate/4.0/x86_64/squirrelmail-lt-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 800432c87f88805f83d9343cc4ed1bd0 corporate/4.0/x86_64/squirrelmail-ms-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n cf3e0d64834c708dc2490956c079e1a4 corporate/4.0/x86_64/squirrelmail-nb-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 
93c6c84c3db5a7cc466c7763664f75f7 corporate/4.0/x86_64/squirrelmail-nl-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 8d23da4622286f11e4b51dc22b4919c6 corporate/4.0/x86_64/squirrelmail-nn-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 5e7283ff7c9436c6fe8743402457fedb corporate/4.0/x86_64/squirrelmail-pl-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n d8b3be60eb620d83e932f0f902410129 corporate/4.0/x86_64/squirrelmail-poutils-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n abd8b6599b816f0ff092a0919c2d3246 corporate/4.0/x86_64/squirrelmail-pt-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n b409f68939477f0297744b0919e6a8be corporate/4.0/x86_64/squirrelmail-ro-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 68d9956c0b5e0cd3f4fce76664142e15 corporate/4.0/x86_64/squirrelmail-ru-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 666ff1b85078c4621a02a6db6c252bb1 corporate/4.0/x86_64/squirrelmail-sk-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n b7f7b3043e75115a7674ff513fe004fa corporate/4.0/x86_64/squirrelmail-sl-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 02e478c51994f9cdcc4204f18fd88d2d corporate/4.0/x86_64/squirrelmail-sr-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 78c447304786edc09ccaa6aba438e024 corporate/4.0/x86_64/squirrelmail-sv-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 8446fa57725f94274946af75141236e3 corporate/4.0/x86_64/squirrelmail-th-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 8541c44a38f9d5c4c3eac9417bce517d corporate/4.0/x86_64/squirrelmail-tr-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 2b79d91bb341067df893ca758fcbda98 corporate/4.0/x86_64/squirrelmail-ug-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n a5372c6a18f14aaa5234cfbc92d8ef30 corporate/4.0/x86_64/squirrelmail-uk-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 160cc95b5574aa8ccc588f62f6b61379 corporate/4.0/x86_64/squirrelmail-vi-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n 73a0a0a46b15d821dfe04e2894bab0ee corporate/4.0/x86_64/squirrelmail-zh_CN-1.4.19-0.2.20060mlcs4.noarch.rpm\r\n fd23da0a8acf872039a72f3bec4d2b3d corporate/4.0/x86_64/squirrelmail-zh_TW-1.4.19-0.2.20060mlcs4.noarch.rpm \r\n 4281e6aba03bbfbb9c6ae40bf1eac438 
corporate/4.0/SRPMS/squirrelmail-1.4.19-0.2.20060mlcs4.src.rpm\r\n\r\n Mandriva Enterprise Server 5:\r\n 979eddcba9906b696037efa7edcf5cf3 mes5/i586/squirrelmail-1.4.19-2.2mdvmes5.noarch.rpm\r\n 774058ddb64bc9ca61b95543b4de7adc mes5/i586/squirrelmail-ar-1.4.19-2.2mdvmes5.noarch.rpm\r\n 15fe05fcea946b36d4f4ea6f580c1100 mes5/i586/squirrelmail-bg-1.4.19-2.2mdvmes5.noarch.rpm\r\n e0cb372a4a24e062625c1ecfce45f76f mes5/i586/squirrelmail-bn-1.4.19-2.2mdvmes5.noarch.rpm\r\n c7e84419ee6b7f07e94e83fbb2aa403a mes5/i586/squirrelmail-ca-1.4.19-2.2mdvmes5.noarch.rpm\r\n d97bbd578b3344c03dbea339c32c3c5a mes5/i586/squirrelmail-cs-1.4.19-2.2mdvmes5.noarch.rpm\r\n 1dafbd45de44aec7b9c85a1284de7b2b mes5/i586/squirrelmail-cy-1.4.19-2.2mdvmes5.noarch.rpm\r\n 107306efe6d595174cf72a3225da179c mes5/i586/squirrelmail-cyrus-1.4.19-2.2mdvmes5.noarch.rpm\r\n f93a4151b722e98528942ab3ac0733f1 mes5/i586/squirrelmail-da-1.4.19-2.2mdvmes5.noarch.rpm\r\n ad7d71fa952e4ade1562068485aba94a mes5/i586/squirrelmail-de-1.4.19-2.2mdvmes5.noarch.rpm\r\n 4c695462f76e3e1f4bba6b30df74358e mes5/i586/squirrelmail-el-1.4.19-2.2mdvmes5.noarch.rpm\r\n 94eee7e7ae216813e0d436a051c6301c mes5/i586/squirrelmail-en-1.4.19-2.2mdvmes5.noarch.rpm\r\n 13fbc4b5a8aab03d5395b485de5dcf03 mes5/i586/squirrelmail-es-1.4.19-2.2mdvmes5.noarch.rpm\r\n 3ae3ad38b4abacee3dc7a6099ef4f866 mes5/i586/squirrelmail-et-1.4.19-2.2mdvmes5.noarch.rpm\r\n 6f3517140f0a01337a209a7e60749200 mes5/i586/squirrelmail-eu-1.4.19-2.2mdvmes5.noarch.rpm\r\n 0c1d2820dab56ae235d6fc027216839a mes5/i586/squirrelmail-fa-1.4.19-2.2mdvmes5.noarch.rpm\r\n 6456cc298aac5c50d92a78e344adfbdb mes5/i586/squirrelmail-fi-1.4.19-2.2mdvmes5.noarch.rpm\r\n 07c2abd74eabfe5f13ba46de0ce8f434 mes5/i586/squirrelmail-fo-1.4.19-2.2mdvmes5.noarch.rpm\r\n 60fc550042045ca9259cf56a8d030b1d mes5/i586/squirrelmail-fr-1.4.19-2.2mdvmes5.noarch.rpm\r\n 5f2eaddedbff4b779cd481c946a648e2 mes5/i586/squirrelmail-fy-1.4.19-2.2mdvmes5.noarch.rpm\r\n 22121300fc28fb0dc84e13c37bd8c524 
mes5/i586/squirrelmail-he-1.4.19-2.2mdvmes5.noarch.rpm\r\n afab6152f5271bd0f9db4fdbdc84e269 mes5/i586/squirrelmail-hr-1.4.19-2.2mdvmes5.noarch.rpm\r\n 5673279092a6d794102a99fe17e0d40f mes5/i586/squirrelmail-hu-1.4.19-2.2mdvmes5.noarch.rpm\r\n c0fb3ddb7bb49f6fe65667ec078e90d8 mes5/i586/squirrelmail-id-1.4.19-2.2mdvmes5.noarch.rpm\r\n 9b1c214c28a9306b91be2fbb328077ad mes5/i586/squirrelmail-is-1.4.19-2.2mdvmes5.noarch.rpm\r\n dc21633a4a11aac95b14be984053eafa mes5/i586/squirrelmail-it-1.4.19-2.2mdvmes5.noarch.rpm\r\n a6fa9368a0068c16ee3e52315ba1e5a0 mes5/i586/squirrelmail-ja-1.4.19-2.2mdvmes5.noarch.rpm\r\n 56f5fbe9c041363a68bfc484364774d4 mes5/i586/squirrelmail-ka-1.4.19-2.2mdvmes5.noarch.rpm\r\n e22c8e16cb452ea1be8067929a65e65d mes5/i586/squirrelmail-ko-1.4.19-2.2mdvmes5.noarch.rpm\r\n e24b83137768a2118de1f4a4d0d07257 mes5/i586/squirrelmail-lt-1.4.19-2.2mdvmes5.noarch.rpm\r\n b99c278634b2ef07086ddfebe7e834e3 mes5/i586/squirrelmail-ms-1.4.19-2.2mdvmes5.noarch.rpm\r\n 599399c0639f1a100a5d8c3645f262e2 mes5/i586/squirrelmail-nb-1.4.19-2.2mdvmes5.noarch.rpm\r\n 04f6e91c37ee69b3e016cbb9639dfb9c mes5/i586/squirrelmail-nl-1.4.19-2.2mdvmes5.noarch.rpm\r\n e8f92051e148c4e264f4d215d3cb4967 mes5/i586/squirrelmail-nn-1.4.19-2.2mdvmes5.noarch.rpm\r\n 9a83ef841188552819559e71e6bdb46b mes5/i586/squirrelmail-pl-1.4.19-2.2mdvmes5.noarch.rpm\r\n c7e31571b15e2253dacf5f2b2fd72dcd mes5/i586/squirrelmail-poutils-1.4.19-2.2mdvmes5.noarch.rpm\r\n de7daf00bdf2799f82e5da523b96bcb3 mes5/i586/squirrelmail-pt-1.4.19-2.2mdvmes5.noarch.rpm\r\n 683d3458b8297942452985ae612b4455 mes5/i586/squirrelmail-ro-1.4.19-2.2mdvmes5.noarch.rpm\r\n a71f34282d0b5d7cacd9de1db5fb6f51 mes5/i586/squirrelmail-ru-1.4.19-2.2mdvmes5.noarch.rpm\r\n ff1e85fddfcea3ff4f87ec6803d11a56 mes5/i586/squirrelmail-sk-1.4.19-2.2mdvmes5.noarch.rpm\r\n ad6e1b0f18ef0e492c6ffa04b38aeae8 mes5/i586/squirrelmail-sl-1.4.19-2.2mdvmes5.noarch.rpm\r\n 4e747e2c672fbb6e121ee456aa8dae8b mes5/i586/squirrelmail-sr-1.4.19-2.2mdvmes5.noarch.rpm\r\n 
970f1ee9419823d193aa5d8cb49fd51c mes5/i586/squirrelmail-sv-1.4.19-2.2mdvmes5.noarch.rpm\r\n 6262be947f0739fe240556ee6a7e2524 mes5/i586/squirrelmail-th-1.4.19-2.2mdvmes5.noarch.rpm\r\n 14c9bcb6b68e796e706ed5a4f3d41e54 mes5/i586/squirrelmail-tr-1.4.19-2.2mdvmes5.noarch.rpm\r\n 369425a648d26646ed3b17ab76960894 mes5/i586/squirrelmail-ug-1.4.19-2.2mdvmes5.noarch.rpm\r\n fe643740cd5cadecc15e13915e0f25ae mes5/i586/squirrelmail-uk-1.4.19-2.2mdvmes5.noarch.rpm\r\n 6ab100079ef5b316042a0a1bee2e6463 mes5/i586/squirrelmail-vi-1.4.19-2.2mdvmes5.noarch.rpm\r\n 69837bd65b526f0db6c5691ce20c2f1f mes5/i586/squirrelmail-zh_CN-1.4.19-2.2mdvmes5.noarch.rpm\r\n 48986079c93b944c800bbfb26c7be99e mes5/i586/squirrelmail-zh_TW-1.4.19-2.2mdvmes5.noarch.rpm \r\n a11a1f5ab7a3b3b3117dfffe52dfcd86 mes5/SRPMS/squirrelmail-1.4.19-2.2mdvmes5.src.rpm\r\n\r\n Mandriva Enterprise Server 5/X86_64:\r\n ea9f327eebae1654e3f12cb6a1a3e31b mes5/x86_64/squirrelmail-1.4.19-2.2mdvmes5.noarch.rpm\r\n 3fb9811b775fd2405ad9668ce96f3f3c mes5/x86_64/squirrelmail-ar-1.4.19-2.2mdvmes5.noarch.rpm\r\n 962d33f3ba5fb7cd3b8343a245b2a7a9 mes5/x86_64/squirrelmail-bg-1.4.19-2.2mdvmes5.noarch.rpm\r\n a16168265970e6f7a8070f72bedc10ea mes5/x86_64/squirrelmail-bn-1.4.19-2.2mdvmes5.noarch.rpm\r\n 33f82eb726e4ff90380a416c9eb3c4b8 mes5/x86_64/squirrelmail-ca-1.4.19-2.2mdvmes5.noarch.rpm\r\n cc82e630b454e96215d01265d15e4020 mes5/x86_64/squirrelmail-cs-1.4.19-2.2mdvmes5.noarch.rpm\r\n 3a3883eaad24b6a9a08bd077aa1289eb mes5/x86_64/squirrelmail-cy-1.4.19-2.2mdvmes5.noarch.rpm\r\n a5bade3ed8a972f996c832eeee4e7b5e mes5/x86_64/squirrelmail-cyrus-1.4.19-2.2mdvmes5.noarch.rpm\r\n c671169ff9d0af0f917d7dfae448d2a2 mes5/x86_64/squirrelmail-da-1.4.19-2.2mdvmes5.noarch.rpm\r\n e7a0d88afe23f1834d6085f7f8d17346 mes5/x86_64/squirrelmail-de-1.4.19-2.2mdvmes5.noarch.rpm\r\n 174a6765d07527b362ae3b11086c4d71 mes5/x86_64/squirrelmail-el-1.4.19-2.2mdvmes5.noarch.rpm\r\n e8074843d2ecf1b4d4ffbddbe5eabee3 
mes5/x86_64/squirrelmail-en-1.4.19-2.2mdvmes5.noarch.rpm\r\n 8e6c9e372579ae3c1f30be6662a0a3a6 mes5/x86_64/squirrelmail-es-1.4.19-2.2mdvmes5.noarch.rpm\r\n ee2ad002a118479c98055a74aad4c4ae mes5/x86_64/squirrelmail-et-1.4.19-2.2mdvmes5.noarch.rpm\r\n ac4e83f028dc7b4dcd61a67874c461cf mes5/x86_64/squirrelmail-eu-1.4.19-2.2mdvmes5.noarch.rpm\r\n 24c1e4ea1906d0a1357d5fce000943ec mes5/x86_64/squirrelmail-fa-1.4.19-2.2mdvmes5.noarch.rpm\r\n e5b72276ff6c011d57ccd9eae5eb5afb mes5/x86_64/squirrelmail-fi-1.4.19-2.2mdvmes5.noarch.rpm\r\n ed05cb837243aab5c34c5ced89b6d667 mes5/x86_64/squirrelmail-fo-1.4.19-2.2mdvmes5.noarch.rpm\r\n c064a34a17b476253f305fcfc5733a28 mes5/x86_64/squirrelmail-fr-1.4.19-2.2mdvmes5.noarch.rpm\r\n 3f6938d6e9d9ed31eb3b2843e2c1c10d mes5/x86_64/squirrelmail-fy-1.4.19-2.2mdvmes5.noarch.rpm\r\n 1a03d7970be9faa5b7d799d4a86cef20 mes5/x86_64/squirrelmail-he-1.4.19-2.2mdvmes5.noarch.rpm\r\n 38d68106fa4f5233e4e43c1b5526372f mes5/x86_64/squirrelmail-hr-1.4.19-2.2mdvmes5.noarch.rpm\r\n 1b3af6ba164ea6dce41d62838a3d6954 mes5/x86_64/squirrelmail-hu-1.4.19-2.2mdvmes5.noarch.rpm\r\n 89045f43138d5098b5e3ba3fdf5339b4 mes5/x86_64/squirrelmail-id-1.4.19-2.2mdvmes5.noarch.rpm\r\n 044506ec80f5783dfd4098e959ee1c1f mes5/x86_64/squirrelmail-is-1.4.19-2.2mdvmes5.noarch.rpm\r\n 8ea39c5fc8fec65dc75b5ec697646c13 mes5/x86_64/squirrelmail-it-1.4.19-2.2mdvmes5.noarch.rpm\r\n b06b2fa23f29841ce22e6d3639b4e56e mes5/x86_64/squirrelmail-ja-1.4.19-2.2mdvmes5.noarch.rpm\r\n 6205adab500b6099236364d349c6b84f mes5/x86_64/squirrelmail-ka-1.4.19-2.2mdvmes5.noarch.rpm\r\n c0772721d164e1ed9746a6598411df50 mes5/x86_64/squirrelmail-ko-1.4.19-2.2mdvmes5.noarch.rpm\r\n 6db3def8b9510d574dcfa21577a3626f mes5/x86_64/squirrelmail-lt-1.4.19-2.2mdvmes5.noarch.rpm\r\n c6a80aae86b97525d283a96ca717ee5e mes5/x86_64/squirrelmail-ms-1.4.19-2.2mdvmes5.noarch.rpm\r\n 6db3d1e1d3d9b5c744bbe09e9974a645 mes5/x86_64/squirrelmail-nb-1.4.19-2.2mdvmes5.noarch.rpm\r\n 46c663c002545fa730e19e2e5102ca66 
mes5/x86_64/squirrelmail-nl-1.4.19-2.2mdvmes5.noarch.rpm\r\n 038a901958fdcb0d16bf20a435efcba6 mes5/x86_64/squirrelmail-nn-1.4.19-2.2mdvmes5.noarch.rpm\r\n dded1323333ec7da88a46ce4e7af0a12 mes5/x86_64/squirrelmail-pl-1.4.19-2.2mdvmes5.noarch.rpm\r\n 539d702753d586df46e66115348a73ae mes5/x86_64/squirrelmail-poutils-1.4.19-2.2mdvmes5.noarch.rpm\r\n 45aa61dc57c27477ecbf90bd76563d40 mes5/x86_64/squirrelmail-pt-1.4.19-2.2mdvmes5.noarch.rpm\r\n 89d9a967ebcdb83f1dc4dcb8c4e44c8c mes5/x86_64/squirrelmail-ro-1.4.19-2.2mdvmes5.noarch.rpm\r\n 7c88cc7c149477d33d1ffb59c13c4867 mes5/x86_64/squirrelmail-ru-1.4.19-2.2mdvmes5.noarch.rpm\r\n 6b32ebc97d21aa079cbdb62a8e2afc34 mes5/x86_64/squirrelmail-sk-1.4.19-2.2mdvmes5.noarch.rpm\r\n 98c1a17d080076ba9657277e7bfe0e7c mes5/x86_64/squirrelmail-sl-1.4.19-2.2mdvmes5.noarch.rpm\r\n 3e251dc27c70146073e593d700de3493 mes5/x86_64/squirrelmail-sr-1.4.19-2.2mdvmes5.noarch.rpm\r\n c42fb2a5b31d32ca3583e363ec5c994e mes5/x86_64/squirrelmail-sv-1.4.19-2.2mdvmes5.noarch.rpm\r\n ad8134c02dd02a8081d572ebd877a9bc mes5/x86_64/squirrelmail-th-1.4.19-2.2mdvmes5.noarch.rpm\r\n 61838d0e7505ec4c615704414044051c mes5/x86_64/squirrelmail-tr-1.4.19-2.2mdvmes5.noarch.rpm\r\n ea599a2e1eb6b0a90c85fec57eb5082f mes5/x86_64/squirrelmail-ug-1.4.19-2.2mdvmes5.noarch.rpm\r\n 845d7a43c4bbf4beac87bc8cd57be920 mes5/x86_64/squirrelmail-uk-1.4.19-2.2mdvmes5.noarch.rpm\r\n dfdebd9ceedf6cf76eb2e02066b3d57e mes5/x86_64/squirrelmail-vi-1.4.19-2.2mdvmes5.noarch.rpm\r\n c38b3e6dea8e0607dec57b31e365f0c6 mes5/x86_64/squirrelmail-zh_CN-1.4.19-2.2mdvmes5.noarch.rpm\r\n 8bbb358300a2747e384a3807ce08d868 mes5/x86_64/squirrelmail-zh_TW-1.4.19-2.2mdvmes5.noarch.rpm \r\n a11a1f5ab7a3b3b3117dfffe52dfcd86 mes5/SRPMS/squirrelmail-1.4.19-2.2mdvmes5.src.rpm\r\n _______________________________________________________________________\r\n\r\n To upgrade automatically use MandrivaUpdate or urpmi. 
The verification\r\n of md5 checksums and GPG signatures is performed automatically for you.\r\n\r\n All packages are signed by Mandriva for security. You can obtain the\r\n GPG public key of the Mandriva Security Team by executing:\r\n\r\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\r\n\r\n You can view other update advisories for Mandriva Linux at:\r\n\r\n http://www.mandriva.com/security/advisories\r\n\r\n If you want to report vulnerabilities, please contact\r\n\r\n security_(at)_mandriva.com\r\n _______________________________________________________________________\r\n\r\n Type Bits/KeyID Date User ID\r\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\r\n <security*mandriva.com>\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.9 (GNU/Linux)\r\n\r\niD8DBQFKl/K+mqjQ0CJFipgRAtn4AKC5VDiSr2cFD7xA/rHxU/oqCvRT2wCfXanD\r\nO5F41EgMG37iUyAAvI59dJo=\r\n=vh4E\r\n-----END PGP SIGNATURE-----", "edition": 1, "cvss3": {}, "published": "2009-08-31T00:00:00", "title": "[ MDVSA-2009:222 ] squirrelmail", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2009-08-31T00:00:00", "id": "SECURITYVULNS:DOC:22395", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:22395", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T19:03:09", "description": "Graphics, Video, Audio and documents parsing vulnerabilities. Information leakage, code execution via DNS resolver. Privilege escalation. 
Vulnerabilities in 3rd party packages.", "edition": 2, "cvss3": {}, "published": "2012-02-03T00:00:00", "title": "Apple OS X multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-3462", "CVE-2011-3448", "CVE-2011-1148", "CVE-2011-3444", "CVE-2011-1783", "CVE-2011-3246", "CVE-2011-3249", "CVE-2011-3189", "CVE-2011-0241", "CVE-2011-1752", "CVE-2011-1938", "CVE-2011-3449", "CVE-2011-3441", "CVE-2011-3453", "CVE-2011-3422", "CVE-2011-3248", "CVE-2011-2483", "CVE-2011-3457", "CVE-2010-2813", "CVE-2011-3463", "CVE-2011-3389", "CVE-2011-2204", "CVE-2011-3256", "CVE-2011-1657", "CVE-2011-1167", "CVE-2011-3252", "CVE-2011-3268", "CVE-2011-3328", "CVE-2011-2023", "CVE-2011-3182", "CVE-2010-4554", "CVE-2011-1921", "CVE-2011-3459", "CVE-2010-4555", "CVE-2011-3250", "CVE-2011-0200", "CVE-2011-3267", "CVE-2011-3458", "CVE-2011-3447", "CVE-2011-3460", "CVE-2011-2202", "CVE-2011-3452", "CVE-2011-3450", "CVE-2011-2895", "CVE-2010-1637", "CVE-2011-2937", "CVE-2011-2192"], "modified": "2012-02-03T00:00:00", "id": "SECURITYVULNS:VULN:12164", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12164", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:43", "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\nAPPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001\r\n\r\nOS X Lion v10.7.3 and Security Update 2012-001 is now available and\r\naddresses the following:\r\n\r\nAddress Book\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: An attacker in a privileged network position may intercept\r\nCardDAV data\r\nDescription: Address Book supports Secure Sockets Layer (SSL) for\r\naccessing CardDAV. A downgrade issue caused Address Book to attempt\r\nan unencrypted connection if an encrypted connection failed. 
An\r\nattacker in a privileged network position could abuse this behavior\r\nto intercept CardDAV data. This issue is addressed by not downgrading\r\nto an unencrypted connection without user approval.\r\nCVE-ID\r\nCVE-2011-3444 : Bernard Desruisseaux of Oracle Corporation\r\n\r\nApache\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Multiple vulnerabilities in Apache\r\nDescription: Apache is updated to version 2.2.21 to address several\r\nvulnerabilities, the most serious of which may lead to a denial of\r\nservice. Further information is available via the Apache web site at\r\nhttp://httpd.apache.org/\r\nCVE-ID\r\nCVE-2011-3348\r\n\r\nApache\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of SSL\r\n3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode.\r\nApache disabled the 'empty fragment' countermeasure which prevented\r\nthese attacks. This issue is addressed by providing a configuration\r\nparameter to control the countermeasure and enabling it by default.\r\nCVE-ID\r\nCVE-2011-3389\r\n\r\nCFNetwork\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of sensitive information\r\nDescription: An issue existed in CFNetwork's handling of malformed\r\nURLs. When accessing a maliciously crafted URL, CFNetwork could send\r\nthe request to an incorrect origin server. 
This issue does not affect\r\nsystems prior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3246 : Erling Ellingsen of Facebook\r\n\r\nCFNetwork\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of sensitive information\r\nDescription: An issue existed in CFNetwork's handling of malformed\r\nURLs. When accessing a maliciously crafted URL, CFNetwork could send\r\nunexpected request headers. This issue does not affect systems prior\r\nto OS X Lion.\r\nCVE-ID\r\nCVE-2011-3447 : Erling Ellingsen of Facebook\r\n\r\nColorSync\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted image with an embedded\r\nColorSync profile may lead to an unexpected application termination\r\nor arbitrary code execution\r\nDescription: An integer overflow existed in the handling of images\r\nwith an embedded ColorSync profile, which may lead to a heap buffer\r\noverflow. This issue does not affect OS X Lion systems.\r\nCVE-ID\r\nCVE-2011-0200 : binaryproof working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nCoreAudio\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Playing maliciously crafted audio content may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of AAC\r\nencoded audio streams. 
This issue does not affect OS X Lion systems.\r\nCVE-ID\r\nCVE-2011-3252 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nCoreMedia\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A heap buffer overflow existed in CoreMedia's handling\r\nof H.264 encoded movie files.\r\nCVE-ID\r\nCVE-2011-3448 : Scott Stender of iSEC Partners\r\n\r\nCoreText\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing or downloading a document containing a maliciously\r\ncrafted embedded font may lead to an unexpected application\r\ntermination or arbitrary code execution\r\nDescription: A use after free issue existed in the handling of font\r\nfiles.\r\nCVE-ID\r\nCVE-2011-3449 : Will Dormann of the CERT/CC\r\n\r\nCoreUI\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Visiting a malicious website may lead to an unexpected\r\napplication termination or arbitrary code execution\r\nDescription: An unbounded stack allocation issue existed in the\r\nhandling of long URLs. This issue does not affect systems prior to OS\r\nX Lion.\r\nCVE-ID\r\nCVE-2011-3450 : Ben Syverson\r\n\r\ncurl\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: A remote server may be able to impersonate clients via\r\nGSSAPI requests\r\nDescription: When doing GSSAPI authentication, libcurl\r\nunconditionally performs credential delegation. 
This issue is\r\naddressed by disabling GSSAPI credential delegation.\r\nCVE-ID\r\nCVE-2011-2192\r\n\r\nData Security\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: An attacker with a privileged network position may intercept\r\nuser credentials or other sensitive information\r\nDescription: Two certificate authorities in the list of trusted root\r\ncertificates have independently issued intermediate certificates to\r\nDigiCert Malaysia. DigiCert Malaysia has issued certificates with\r\nweak keys that it is unable to revoke. An attacker with a privileged\r\nnetwork position could intercept user credentials or other sensitive\r\ninformation intended for a site with a certificate issued by DigiCert\r\nMalaysia. This issue is addressed by configuring default system trust\r\nsettings so that DigiCert Malaysia's certificates are not trusted. We\r\nwould like to acknowledge Bruce Morton of Entrust, Inc. for reporting\r\nthis issue.\r\n\r\ndovecot\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: An attacker may be able to decrypt data protected by SSL\r\nDescription: There are known attacks on the confidentiality of SSL\r\n3.0 and TLS 1.0 when a cipher suite uses a block cipher in CBC mode.\r\nDovecot disabled the 'empty fragment' countermeasure which prevented\r\nthese attacks. 
This issue is addressed by enabling the\r\ncountermeasure.\r\nCVE-ID\r\nCVE-2011-3389 : Apple\r\n\r\nfilecmds\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Decompressing a maliciously crafted compressed file may lead\r\nto an unexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the 'uncompress' command\r\nline tool.\r\nCVE-ID\r\nCVE-2011-2895\r\n\r\nImageIO\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Viewing a maliciously crafted TIFF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in ImageIO's handling of\r\nCCITT Group 4 encoded TIFF files. This issue does not affect OS X\r\nLion systems.\r\nCVE-ID\r\nCVE-2011-0241 : Cyril CATTIAUX of Tessi Technologies\r\n\r\nImageIO\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted TIFF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in libtiff's handling of\r\nThunderScan encoded TIFF images. This issue is addressed by updating\r\nlibtiff to version 3.9.5.\r\nCVE-ID\r\nCVE-2011-1167\r\n\r\nImageIO\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Multiple vulnerabilities in libpng 1.5.4\r\nDescription: libpng is updated to version 1.5.5 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. 
Further information is available via the libpng website at\r\nhttp://www.libpng.org/pub/png/libpng.html\r\nCVE-ID\r\nCVE-2011-3328\r\n\r\nInternet Sharing\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: A Wi-Fi network created by Internet Sharing may lose\r\nsecurity settings after a system update\r\nDescription: After updating to a version of OS X Lion prior to\r\n10.7.3, the Wi-Fi configuration used by Internet Sharing may revert\r\nto factory defaults, which disables the WEP password. This issue only\r\naffects systems with Internet Sharing enabled and sharing the\r\nconnection to Wi-Fi. This issue is addressed by preserving the Wi-Fi\r\nconfiguration during a system update.\r\nCVE-ID\r\nCVE-2011-3452 : an anonymous researcher\r\n\r\nLibinfo\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Visiting a maliciously crafted website may lead to the\r\ndisclosure of sensitive information\r\nDescription: An issue existed in Libinfo's handling of hostname\r\nlookup requests. Libinfo could return incorrect results for a\r\nmaliciously crafted hostname. 
This issue does not affect systems\r\nprior to OS X Lion.\r\nCVE-ID\r\nCVE-2011-3441 : Erling Ellingsen of Facebook\r\n\r\nlibresolv\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Applications that use OS X's libresolv library may be\r\nvulnerable to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: An integer overflow existed in the parsing of DNS\r\nresource records, which may lead to heap memory corruption.\r\nCVE-ID\r\nCVE-2011-3453 : Ilja van Sprundel of IOActive\r\n\r\nlibsecurity\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Some EV certificates may be trusted even if the\r\ncorresponding root has been marked as untrusted\r\nDescription: The certificate code trusted a root certificate to sign\r\nEV certificates if it was on the list of known EV issuers, even if\r\nthe user had marked it as 'Never Trust' in Keychain. 
The root would\r\nnot be trusted to sign non-EV certificates.\r\nCVE-ID\r\nCVE-2011-3422 : Alastair Houghton\r\n\r\nOpenGL\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Applications that use OS X's OpenGL implementation may be\r\nvulnerable to an unexpected application termination or arbitrary code\r\nexecution\r\nDescription: Multiple memory corruption issues existed in the\r\nhandling of GLSL compilation.\r\nCVE-ID\r\nCVE-2011-3457 : Chris Evans of the Google Chrome Security Team, and\r\nMarc Schoenefeld of the Red Hat Security Response Team\r\n\r\nPHP\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Multiple vulnerabilities in PHP 5.3.6\r\nDescription: PHP is updated to version 5.3.8 to address several\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. Further information is available via the PHP web site at\r\nhttp://www.php.net\r\nCVE-ID\r\nCVE-2011-1148\r\nCVE-2011-1657\r\nCVE-2011-1938\r\nCVE-2011-2202\r\nCVE-2011-2483\r\nCVE-2011-3182\r\nCVE-2011-3189\r\nCVE-2011-3267\r\nCVE-2011-3268\r\n\r\nPHP\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in FreeType's\r\nhandling of Type 1 fonts. This issue is addressed by updating\r\nFreeType to version 2.4.7. 
Further information is available via the\r\nFreeType site at http://www.freetype.org/\r\nCVE-ID\r\nCVE-2011-3256 : Apple\r\n\r\nPHP\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Multiple vulnerabilities in libpng 1.5.4\r\nDescription: libpng is updated to version 1.5.5 to address multiple\r\nvulnerabilities, the most serious of which may lead to arbitrary code\r\nexecution. Further information is available via the libpng website at\r\nhttp://www.libpng.org/pub/png/libpng.html\r\nCVE-ID\r\nCVE-2011-3328\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Opening a maliciously crafted MP4 encoded file may lead to\r\nan unexpected application termination or arbitrary code execution\r\nDescription: An uninitialized memory access issue existed in the\r\nhandling of MP4 encoded files.\r\nCVE-ID\r\nCVE-2011-3458 : Luigi Auriemma and pa_kt both working with\r\nTippingPoint's Zero Day Initiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A signedness issue existed in the handling of font\r\ntables embedded in QuickTime movie files.\r\nCVE-ID\r\nCVE-2011-3248 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: An off by one buffer overflow existed in the handling\r\nof rdrf atoms in QuickTime movie files.\r\nCVE-ID\r\nCVE-2011-3459 : Luigi 
Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted JPEG2000 image file may lead\r\nto an unexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of JPEG2000\r\nfiles.\r\nCVE-ID\r\nCVE-2011-3250 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Processing a maliciously crafted PNG image may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of PNG files.\r\nCVE-ID\r\nCVE-2011-3460 : Luigi Auriemma working with TippingPoint's Zero Day\r\nInitiative\r\n\r\nQuickTime\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted movie file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A buffer overflow existed in the handling of FLC\r\nencoded movie files\r\nCVE-ID\r\nCVE-2011-3249 : Matt 'j00ru' Jurczyk working with TippingPoint's Zero\r\nDay Initiative\r\n\r\nSquirrelMail\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in SquirrelMail\r\nDescription: SquirrelMail is updated to version 1.4.22 to address\r\nseveral vulnerabilities, the most serious of which is a cross-site\r\nscripting issue. 
This issue does not affect OS X Lion systems.\r\nFurther information is available via the SquirrelMail web site at\r\nhttp://www.SquirrelMail.org/\r\nCVE-ID\r\nCVE-2010-1637\r\nCVE-2010-2813\r\nCVE-2010-4554\r\nCVE-2010-4555\r\nCVE-2011-2023\r\n\r\nSubversion\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Accessing a Subversion repository may lead to the disclosure\r\nof sensitive information\r\nDescription: Subversion is updated to version 1.6.17 to address\r\nmultiple vulnerabilities, the most serious of which may lead to the\r\ndisclosure of sensitive information. Further information is available\r\nvia the Subversion web site at http://subversion.tigris.org/\r\nCVE-ID\r\nCVE-2011-1752\r\nCVE-2011-1783\r\nCVE-2011-1921\r\n\r\nTime Machine\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: A remote attacker may access new backups created by the\r\nuser's system\r\nDescription: The user may designate a remote AFP volume or Time\r\nCapsule to be used for Time Machine backups. Time Machine did not\r\nverify that the same device was being used for subsequent backup\r\noperations. An attacker who is able to spoof the remote volume could\r\ngain access to new backups created by the user's system. This issue\r\nis addressed by verifying the unique identifier associated with a\r\ndisk for backup operations.\r\nCVE-ID\r\nCVE-2011-3462 : Michael Roitzsch of the Technische Universitat\r\nDresden\r\n\r\nTomcat\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8\r\nImpact: Multiple vulnerabilities in Tomcat 6.0.32\r\nDescription: Tomcat is updated to version 6.0.33 to address multiple\r\nvulnerabilities, the most serious of which may lead to the disclosure\r\nof sensitive information. Tomcat is only provided on Mac OS X Server\r\nsystems. This issue does not affect OS X Lion systems. 
Further\r\ninformation is available via the Tomcat site at\r\nhttp://tomcat.apache.org/\r\nCVE-ID\r\nCVE-2011-2204\r\n\r\nWebDAV Sharing\r\nAvailable for: OS X Lion Server v10.7 to v10.7.2\r\nImpact: Local users may obtain system privileges\r\nDescription: An issue existed in WebDAV Sharing's handling of user\r\nauthentication. A user with a valid account on the server or one of\r\nits bound directories could cause the execution of arbitrary code\r\nwith system privileges. This issue does not affect systems prior to\r\nOS X Lion.\r\nCVE-ID\r\nCVE-2011-3463 : Gordon Davisson of Crywolf\r\n\r\nWebmail\r\nAvailable for: OS X Lion v10.7 to v10.7.2,\r\nOS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted e-mail message may lead to the\r\ndisclosure of message content\r\nDescription: A cross-site scripting vulnerability existed in the\r\nhandling of mail messages. This issue is addressed by updating\r\nRoundcube Webmail to version 0.6. This issue does not affect systems\r\nprior to OS X Lion. Further information is available via the\r\nRoundcube site at http://trac.roundcube.net/\r\nCVE-ID\r\nCVE-2011-2937\r\n\r\nX11\r\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\r\nOS X Lion v10.7 to v10.7.2, OS X Lion Server v10.7 to v10.7.2\r\nImpact: Viewing a maliciously crafted PDF file may lead to an\r\nunexpected application termination or arbitrary code execution\r\nDescription: A memory corruption issue existed in FreeType's\r\nhandling of Type 1 fonts. This issue is addressed by updating\r\nFreeType to version 2.4.7. 
Further information is available via the\r\nFreeType site at http://www.freetype.org/\r\nCVE-ID\r\nCVE-2011-3256 : Apple\r\n\r\nOS X Lion v10.7.3 and Security Update 2012-001 may be obtained from\r\nthe Software Update pane in System Preferences, or Apple's Software\r\nDownloads web site:\r\nhttp://www.apple.com/support/downloads/\r\n\r\nThe Software Update utility will present the update that applies\r\nto your system configuration. Only one is needed, either\r\nSecurity Update 2021-001 or OS X v10.7.3.\r\n\r\nFor OS X Lion v10.7.2\r\nThe download file is named: MacOSXUpd10.7.3.dmg\r\nIts SHA-1 digest is: 7102fe8f9f47286c45dfa35f6e84e7f730493a7c\r\n\r\nFor OS X Lion v10.7 and v10.7.1\r\nThe download file is named: MacOSXUpdCombo10.7.3.dmg\r\nIts SHA-1 digest is: 07dfce300f6801eb63d9ac13e0bec84e1862a16c\r\n\r\nFor OS X Lion Server v10.7.2\r\nThe download file is named: MacOSXServerUpd10.7.3.dmg\r\nIts SHA-1 digest is: 55a9571635d4ec088c142d68132d0d69fcb8867d\r\n\r\nFor OS X Lion Server v10.7 and v10.7.1\r\nThe download file is named: MacOSXServerUpdCombo10.7.3.dmg\r\nIts SHA-1 digest is: 2c87824f09734499ea166ea0617a3ac21ecf832b\r\n\r\nFor Mac OS X v10.6.8\r\nThe download file is named: SecUpd2012-001Snow.dmg\r\nIts SHA-1 digest is: 40875ee8cb609bbaefc8f421a9c34cc353db42b8\r\n\r\nFor Mac OS X Server v10.6.8\r\nThe download file is named: SecUpdSrvr2012-001.dmg\r\nIts SHA-1 digest is: 53b3ca5548001a9920aeabed4a034c6e4657fe20\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: http://support.apple.com/kb/HT1222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG/MacGPG2 v2.0.16 
(Darwin)\r\n\r\niQEcBAEBAgAGBQJPKYxNAAoJEGnF2JsdZQeeLiIIAMLhH2ipDFrhCsw/n4VDeF1V\r\nP6jSkGXC9tBBVMvw1Xq4c2ok4SI34bDfMlURAVR+dde/h6nIZR24aLQVoDLjJuIp\r\nRrO2dm1nQeozLJSx2NbxhVh54BucJdKp4xS1GkDNxkqcdh04RE9hRURXdKagnfGy\r\n9P8QQPOQmKAiWos/LYhCPDInMfrpVNvEVwP8MCDP15g6hylN4De/Oyt7ZshPshSf\r\nMnAFObfBTGX5KioVqTyfdlBkKUfdXHJux61QEFHn8eadX6+/6IuKbUvK9B0icc8E\r\npvbjOxQatFRps0KNWeIsKQc5i6iQoJhocAiIy6Y6LCuZQuSXCImY2RWXkVYzbWo=\r\n=c1eU\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "cvss3": {}, "published": "2012-02-03T00:00:00", "title": "APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-3462", "CVE-2011-3448", "CVE-2011-1148", "CVE-2011-3444", "CVE-2011-1783", "CVE-2011-3246", "CVE-2011-3249", "CVE-2011-3189", "CVE-2011-0241", "CVE-2011-1752", "CVE-2011-1938", "CVE-2011-3449", "CVE-2011-3441", "CVE-2011-3453", "CVE-2011-3422", "CVE-2011-3248", "CVE-2011-2483", "CVE-2011-3457", "CVE-2010-2813", "CVE-2011-3463", "CVE-2011-3389", "CVE-2011-2204", "CVE-2011-3256", "CVE-2011-1657", "CVE-2011-1167", "CVE-2011-3252", "CVE-2011-3268", "CVE-2011-3328", "CVE-2011-2023", "CVE-2011-3182", "CVE-2010-4554", "CVE-2011-1921", "CVE-2011-3459", "CVE-2010-4555", "CVE-2011-3250", "CVE-2011-0200", "CVE-2011-3267", "CVE-2011-3458", "CVE-2011-3447", "CVE-2011-3460", "CVE-2011-3348", "CVE-2011-2202", "CVE-2011-3452", "CVE-2011-3450", "CVE-2011-2895", "CVE-2010-1637", "CVE-2011-2937", "CVE-2011-2192"], "modified": "2012-02-03T00:00:00", "id": "SECURITYVULNS:DOC:27600", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27600", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2021-10-22T00:32:54", "description": "- ------------------------------------------------------------------------\nDebian Security Advisory DSA-2091-1 security@debian.org\nhttp://www.debian.org/security/ Luciano Bello\nAugust 12, 
2010 http://www.debian.org/security/faq\n- ------------------------------------------------------------------------\n\nPackage : squirrelmail\nVulnerability : No user-specific token implemented\nProblem type : remote\nDebian-specific: no\nDebian bug : 543818\nCVE ID : CVE-2009-2964 CVE-2010-2813\n\nSquirrelMail, a webmail application, does not employ a user-specific token \nfor webforms. This allows a remote attacker to perform a Cross Site Request \nForgery (CSRF) attack. The attacker may hijack the authentication of \nunspecified victims and send messages or change user preferences among other \nactions, by tricking the victim into following a link controlled by the \noffender.\n\nIn addition, a denial-of-service was fixed, which could be triggered when a \npassword containing 8-bit characters was used to log in (CVE-2010-2813).\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.4.15-4+lenny3.1.\n\nFor the testing distribution (squeeze) and the unstable distribution (sid),\nthese problems have been fixed in version 1.4.21-1.\n\nWe recommend that you upgrade your squirrelmail packages.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.15-4+lenny3.1.diff.gz\n Size/MD5 checksum: 34647 2251562662703a0d8e4f0de309ca60a6\n http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.15.orig.tar.gz\n Size/MD5 checksum: 621320 
87b466fef98e770307afffd75fe25589\n http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.15-4+lenny3.1.dsc\n Size/MD5 checksum: 1240 a4e2ab21379259946f02a1d30831fe6d\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.15-4+lenny3.1_all.deb\n Size/MD5 checksum: 615152 d08549fd86ffec2ae16b36e358f50cd6\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>", "cvss3": {}, "published": "2010-08-12T20:20:02", "type": "debian", "title": "[SECURITY] [DSA 2091-1] New squirrelmail packages fix cross-site request forgery", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2964", "CVE-2010-2813"], "modified": "2010-08-12T20:20:02", "id": "DEBIAN:DSA-2091-1:23614", "href": "https://lists.debian.org/debian-security-announce/2010/msg00136.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2018-01-11T11:04:40", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory DSA 2091-1.", "cvss3": {}, "published": "2010-08-21T00:00:00", "type": 
"openvas", "title": "Debian Security Advisory DSA 2091-1 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2009-2964"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:136141256231067845", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231067845", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2091_1.nasl 8338 2018-01-09 08:00:38Z teissa $\n# Description: Auto-generated from advisory DSA 2091-1 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail, a webmail application, does not employ a user-specific token\nfor webforms. This allows a remote attacker to perform a Cross Site Request\nForgery (CSRF) attack. 
The attacker may hijack the authentication of\nunspecified victims and send messages or change user preferences among other\nactions, by tricking the victim into following a link controlled by the\noffender.\n\nIn addition, a denial-of-service was fixed, which could be triggered when a\npasswords containing 8-bit characters was used to log in (CVE-2010-2813).\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.4.15-4+lenny3.1.\n\nFor the testing distribution (squeeze) and the unstable distribution (sid),\nthese problems have been fixed in version 1.4.21-1.\n\nWe recommend that you upgrade your squirrelmail packages.\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory DSA 2091-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202091-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.67845\");\n script_version(\"$Revision: 8338 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 09:00:38 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-21 08:54:16 +0200 (Sat, 21 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-2964\", \"CVE-2010-2813\");\n script_name(\"Debian Security Advisory DSA 2091-1 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.15-4+lenny3.1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:24", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory DSA 2091-1.", "cvss3": {}, "published": "2010-08-21T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2091-1 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2009-2964"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:67845", "href": "http://plugins.openvas.org/nasl.php?oid=67845", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2091_1.nasl 6614 2017-07-07 12:09:12Z cfischer $\n# Description: Auto-generated from advisory DSA 2091-1 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2010 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail, a webmail application, does not employ a user-specific token\nfor webforms. This allows a remote attacker to perform a Cross Site Request\nForgery (CSRF) attack. 
The attacker may hijack the authentication of\nunspecified victims and send messages or change user preferences among other\nactions, by tricking the victim into following a link controlled by the\noffender.\n\nIn addition, a denial-of-service was fixed, which could be triggered when a\npasswords containing 8-bit characters was used to log in (CVE-2010-2813).\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.4.15-4+lenny3.1.\n\nFor the testing distribution (squeeze) and the unstable distribution (sid),\nthese problems have been fixed in version 1.4.21-1.\n\nWe recommend that you upgrade your squirrelmail packages.\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory DSA 2091-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202091-1\";\n\n\nif(description)\n{\n script_id(67845);\n script_version(\"$Revision: 6614 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:12 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-21 08:54:16 +0200 (Sat, 21 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-2964\", \"CVE-2010-2813\");\n script_name(\"Debian Security Advisory DSA 2091-1 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2010 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"squirrelmail\", ver:\"1.4.15-4+lenny3.1\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:05:07", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Mandriva Update for squirrelmail MDVSA-2010:158 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:1361412562310831136", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831136", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for squirrelmail MDVSA-2010:158 (squirrelmail)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will 
be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in squirrelmail:\n\n functions/imap_general.php in SquirrelMail before 1.4.21 does not\n properly handle 8-bit characters in passwords, which allows remote\n attackers to cause a denial of service (disk consumption) by making\n many IMAP login attempts with different usernames, leading to the\n creation of many preferences files (CVE-2010-2813).\n \n This update provides squirrelmail 1.4.21, which is not vulnerable to\n this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"squirrelmail on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-08/msg00018.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831136\");\n script_version(\"$Revision: 8447 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:12:19 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:158\");\n script_cve_id(\"CVE-2010-2813\");\n script_name(\"Mandriva Update for squirrelmail MDVSA-2010:158 (squirrelmail)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of squirrelmail\");\n 
script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ar\", rpm:\"squirrelmail-ar~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-bg\", rpm:\"squirrelmail-bg~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-bn-bangladesh\", rpm:\"squirrelmail-bn-bangladesh~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-bn-india\", rpm:\"squirrelmail-bn-india~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ca\", rpm:\"squirrelmail-ca~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-cs\", rpm:\"squirrelmail-cs~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n 
exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-cy\", rpm:\"squirrelmail-cy~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-cyrus\", rpm:\"squirrelmail-cyrus~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-da\", rpm:\"squirrelmail-da~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-de\", rpm:\"squirrelmail-de~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-el\", rpm:\"squirrelmail-el~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-es\", rpm:\"squirrelmail-es~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-et\", rpm:\"squirrelmail-et~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-eu\", rpm:\"squirrelmail-eu~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-fa\", rpm:\"squirrelmail-fa~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-fi\", rpm:\"squirrelmail-fi~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-fo\", rpm:\"squirrelmail-fo~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-fr\", 
rpm:\"squirrelmail-fr~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-fy\", rpm:\"squirrelmail-fy~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-he\", rpm:\"squirrelmail-he~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-hr\", rpm:\"squirrelmail-hr~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-hu\", rpm:\"squirrelmail-hu~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-id\", rpm:\"squirrelmail-id~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-is\", rpm:\"squirrelmail-is~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-it\", rpm:\"squirrelmail-it~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ja\", rpm:\"squirrelmail-ja~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ka\", rpm:\"squirrelmail-ka~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-km\", rpm:\"squirrelmail-km~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ko\", rpm:\"squirrelmail-ko~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-lt\", rpm:\"squirrelmail-lt~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-lv\", rpm:\"squirrelmail-lv~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-mk\", rpm:\"squirrelmail-mk~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ms\", rpm:\"squirrelmail-ms~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-nb\", rpm:\"squirrelmail-nb~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-nl\", rpm:\"squirrelmail-nl~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-nn\", rpm:\"squirrelmail-nn~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-pl\", rpm:\"squirrelmail-pl~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-poutils\", rpm:\"squirrelmail-poutils~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-pt\", rpm:\"squirrelmail-pt~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ro\", rpm:\"squirrelmail-ro~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"squirrelmail-ru\", rpm:\"squirrelmail-ru~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-sk\", rpm:\"squirrelmail-sk~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-sl\", rpm:\"squirrelmail-sl~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-sr\", rpm:\"squirrelmail-sr~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-sv\", rpm:\"squirrelmail-sv~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ta\", rpm:\"squirrelmail-ta~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-th\", rpm:\"squirrelmail-th~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-tr\", rpm:\"squirrelmail-tr~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ug\", rpm:\"squirrelmail-ug~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-uk\", rpm:\"squirrelmail-uk~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-vi\", rpm:\"squirrelmail-vi~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-zh_CN\", rpm:\"squirrelmail-zh_CN~1.4.21~0.1mdvmes5.1\", 
rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-zh_TW\", rpm:\"squirrelmail-zh_TW~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:08", "description": "SquirrelMail is prone to a remote denial-of-service vulnerability\n because it fails to properly handle certain user requests.", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "openvas", "title": "SquirrelMail Remote Denial of Service Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813"], "modified": "2019-03-07T00:00:00", "id": "OPENVAS:1361412562310100759", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310100759", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_SquirrelMail_42399.nasl 14033 2019-03-07 11:09:35Z cfischer $\n#\n# SquirrelMail Remote Denial of Service Vulnerability\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:squirrelmail:squirrelmail';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.100759\");\n script_version(\"$Revision: 14033 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-07 12:09:35 +0100 (Thu, 07 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-13 12:44:16 +0200 (Fri, 13 Aug 2010)\");\n script_bugtraq_id(42399);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2010-2813\");\n script_name(\"SquirrelMail Remote Denial of Service Vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_copyright(\"This script is Copyright (C) 2010 Greenbone Networks GmbH\");\n script_dependencies(\"squirrelmail_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"squirrelmail/installed\");\n\n script_xref(name:\"URL\", value:\"https://www.securityfocus.com/bid/42399\");\n script_xref(name:\"URL\", value:\"http://www.squirrelmail.org/\");\n script_xref(name:\"URL\", value:\"http://www.squirrelmail.org/security/issue/2010-07-23\");\n script_xref(name:\"URL\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=618096\");\n\n script_tag(name:\"impact\", value:\"An attacker can exploit this issue to cause the application to consume\n excessive disk space, resulting in denial-of-service conditions.\");\n\n script_tag(name:\"affected\", value:\"SquirrelMail versions prior and up to 1.4.20 are vulnerable. 
Others\n may also be affected.\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"SquirrelMail is prone to a remote denial-of-service vulnerability\n because it fails to properly handle certain user requests.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! vers = get_app_version( cpe:CPE, port:port ) )\n exit( 0 );\n\nif( version_is_less( version:vers, test_version:\"1.4.21\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"1.4.21\" );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-12-21T11:33:05", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2010-08-30T00:00:00", "type": "openvas", "title": "Mandriva Update for squirrelmail MDVSA-2010:158 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813"], "modified": "2017-12-20T00:00:00", "id": "OPENVAS:831136", "href": "http://plugins.openvas.org/nasl.php?oid=831136", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for squirrelmail MDVSA-2010:158 (squirrelmail)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT 
ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in squirrelmail:\n\n functions/imap_general.php in SquirrelMail before 1.4.21 does not\n properly handle 8-bit characters in passwords, which allows remote\n attackers to cause a denial of service (disk consumption) by making\n many IMAP login attempts with different usernames, leading to the\n creation of many preferences files (CVE-2010-2813).\n \n This update provides squirrelmail 1.4.21, which is not vulnerable to\n this issue.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"squirrelmail on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2010-08/msg00018.php\");\n script_id(831136);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-30 16:59:25 +0200 (Mon, 30 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDVSA\", value: \"2010:158\");\n script_cve_id(\"CVE-2010-2813\");\n script_name(\"Mandriva Update for squirrelmail MDVSA-2010:158 (squirrelmail)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n 
script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ar\", rpm:\"squirrelmail-ar~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-bg\", rpm:\"squirrelmail-bg~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-bn-bangladesh\", rpm:\"squirrelmail-bn-bangladesh~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-bn-india\", rpm:\"squirrelmail-bn-india~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ca\", rpm:\"squirrelmail-ca~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-cs\", rpm:\"squirrelmail-cs~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"squirrelmail-cy\", rpm:\"squirrelmail-cy~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-cyrus\", rpm:\"squirrelmail-cyrus~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-da\", rpm:\"squirrelmail-da~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-de\", rpm:\"squirrelmail-de~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-el\", rpm:\"squirrelmail-el~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-es\", rpm:\"squirrelmail-es~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-et\", rpm:\"squirrelmail-et~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-eu\", rpm:\"squirrelmail-eu~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-fa\", rpm:\"squirrelmail-fa~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-fi\", rpm:\"squirrelmail-fi~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-fo\", rpm:\"squirrelmail-fo~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-fr\", rpm:\"squirrelmail-fr~1.4.21~0.1mdvmes5.1\", 
rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-fy\", rpm:\"squirrelmail-fy~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-he\", rpm:\"squirrelmail-he~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-hr\", rpm:\"squirrelmail-hr~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-hu\", rpm:\"squirrelmail-hu~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-id\", rpm:\"squirrelmail-id~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-is\", rpm:\"squirrelmail-is~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-it\", rpm:\"squirrelmail-it~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ja\", rpm:\"squirrelmail-ja~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ka\", rpm:\"squirrelmail-ka~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-km\", rpm:\"squirrelmail-km~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ko\", rpm:\"squirrelmail-ko~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isrpmvuln(pkg:\"squirrelmail-lt\", rpm:\"squirrelmail-lt~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-lv\", rpm:\"squirrelmail-lv~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-mk\", rpm:\"squirrelmail-mk~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ms\", rpm:\"squirrelmail-ms~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-nb\", rpm:\"squirrelmail-nb~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-nl\", rpm:\"squirrelmail-nl~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-nn\", rpm:\"squirrelmail-nn~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-pl\", rpm:\"squirrelmail-pl~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-poutils\", rpm:\"squirrelmail-poutils~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-pt\", rpm:\"squirrelmail-pt~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ro\", rpm:\"squirrelmail-ro~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ru\", rpm:\"squirrelmail-ru~1.4.21~0.1mdvmes5.1\", 
rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-sk\", rpm:\"squirrelmail-sk~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-sl\", rpm:\"squirrelmail-sl~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-sr\", rpm:\"squirrelmail-sr~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-sv\", rpm:\"squirrelmail-sv~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ta\", rpm:\"squirrelmail-ta~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-th\", rpm:\"squirrelmail-th~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-tr\", rpm:\"squirrelmail-tr~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-ug\", rpm:\"squirrelmail-ug~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-uk\", rpm:\"squirrelmail-uk~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-vi\", rpm:\"squirrelmail-vi~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"squirrelmail-zh_CN\", rpm:\"squirrelmail-zh_CN~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res 
= isrpmvuln(pkg:\"squirrelmail-zh_TW\", rpm:\"squirrelmail-zh_TW~1.4.21~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:56:45", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1490.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement protection against\nCross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a\nuser into visiting a malicious web page, the attacker could hijack that\nuser's authentication, inject malicious content into that user's\npreferences, or possibly send mail without that user's permission.\n(CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains a backported patch to correct these issues.", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1490", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:65731", "href": "http://plugins.openvas.org/nasl.php?oid=65731", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1490.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1490 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1490.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement protection against\nCross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a\nuser into visiting a malicious web page, the attacker could hijack that\nuser's authentication, inject malicious content into that user's\npreferences, or possibly send mail without that user's permission.\n(CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains a backported patch to correct these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. 
To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(65731);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-2964\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1490\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1490.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n script_xref(name : \"URL\" , value : \"http://www.squirrelmail.org/security/issue/2009-08-12\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~16.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el4_8.8\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5_4.10\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n 
security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:34", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-8822.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8822 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064722", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064722", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8822.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8822 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\n- Implemented page referral verification mechanism. 
(Secunia Advisory SA34627)\n- Implemented security token system. (Secunia Advisory SA34627)\n\nChangeLog:\n\n* Mon Aug 17 2009 Michal Hlavinka - 1.4.19-2\n- fix #517312 - CSRF issues in all forms (SA34627)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8822\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-8822.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64722\");\n script_cve_id(\"CVE-2009-2964\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-8822 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=517312\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:58", "description": "The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:1490.", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1490 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:65756", "href": "http://plugins.openvas.org/nasl.php?oid=65756", "sourceData": "#CESA-2009:1490 65756 4\n# $Id: ovcesa2009_1490.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1490 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1490\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1490\nhttps://rhn.redhat.com/errata/RHSA-2009-1490.html\";\ntag_summary = \"The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:1490.\";\n\n\n\nif(description)\n{\n script_id(65756);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-2964\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1490 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~16.el3.centos.1\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el4_8.8\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:48", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2009:1490 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880729", "href": "http://plugins.openvas.org/nasl.php?oid=880729", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2009:1490 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), 
as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is a standards-based webmail package written in PHP.\n\n Form submissions in SquirrelMail did not implement protection against\n Cross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a\n user into visiting a malicious web page, the attacker could hijack that\n user's authentication, inject malicious content into that user's\n preferences, or possibly send mail without that user's permission.\n (CVE-2009-2964)\n \n Users of SquirrelMail should upgrade to this updated package, which\n contains a backported patch to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"squirrelmail on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-October/016181.html\");\n script_id(880729);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1490\");\n script_cve_id(\"CVE-2009-2964\");\n script_name(\"CentOS Update for squirrelmail 
CESA-2009:1490 centos3 i386\");\n\n script_summary(\"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~16.el3.centos.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:07", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:222.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:222 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231064694", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064694", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_222.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:222 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in squirrelmail:\n\nAll form submissions (send message, change preferences, etc.) in\nSquirrelMail were previously subject to cross-site request forgery\n(CSRF), wherein data could be sent to them from an offsite location,\nwhich could allow an attacker to inject malicious content into\nuser preferences or possibly send emails without user consent\n(CVE-2009-2964).\n\nThis update provides a solution to this vulnerability.\n\nAffected: Corporate 4.0, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. 
The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:222\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:222.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64694\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-2964\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:222 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ar\", rpm:\"squirrelmail-ar~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bg\", rpm:\"squirrelmail-bg~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"squirrelmail-bn\", rpm:\"squirrelmail-bn~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ca\", rpm:\"squirrelmail-ca~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cs\", rpm:\"squirrelmail-cs~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cy\", rpm:\"squirrelmail-cy~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cyrus\", rpm:\"squirrelmail-cyrus~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-da\", rpm:\"squirrelmail-da~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-de\", rpm:\"squirrelmail-de~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-el\", rpm:\"squirrelmail-el~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-en\", rpm:\"squirrelmail-en~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-es\", rpm:\"squirrelmail-es~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-et\", rpm:\"squirrelmail-et~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-eu\", rpm:\"squirrelmail-eu~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fa\", rpm:\"squirrelmail-fa~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fi\", rpm:\"squirrelmail-fi~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report 
+= res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fo\", rpm:\"squirrelmail-fo~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fr\", rpm:\"squirrelmail-fr~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fy\", rpm:\"squirrelmail-fy~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-he\", rpm:\"squirrelmail-he~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hr\", rpm:\"squirrelmail-hr~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hu\", rpm:\"squirrelmail-hu~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-id\", rpm:\"squirrelmail-id~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-is\", rpm:\"squirrelmail-is~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-it\", rpm:\"squirrelmail-it~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ja\", rpm:\"squirrelmail-ja~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ka\", rpm:\"squirrelmail-ka~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ko\", rpm:\"squirrelmail-ko~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-lt\", rpm:\"squirrelmail-lt~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ms\", rpm:\"squirrelmail-ms~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != 
NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nb\", rpm:\"squirrelmail-nb~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nl\", rpm:\"squirrelmail-nl~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nn\", rpm:\"squirrelmail-nn~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pl\", rpm:\"squirrelmail-pl~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-poutils\", rpm:\"squirrelmail-poutils~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pt\", rpm:\"squirrelmail-pt~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ro\", rpm:\"squirrelmail-ro~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ru\", rpm:\"squirrelmail-ru~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sk\", rpm:\"squirrelmail-sk~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sl\", rpm:\"squirrelmail-sl~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sr\", rpm:\"squirrelmail-sr~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sv\", rpm:\"squirrelmail-sv~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-th\", rpm:\"squirrelmail-th~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-tr\", 
rpm:\"squirrelmail-tr~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ug\", rpm:\"squirrelmail-ug~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-uk\", rpm:\"squirrelmail-uk~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-vi\", rpm:\"squirrelmail-vi~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_CN\", rpm:\"squirrelmail-zh_CN~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_TW\", rpm:\"squirrelmail-zh_TW~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ar\", rpm:\"squirrelmail-ar~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bg\", rpm:\"squirrelmail-bg~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bn\", rpm:\"squirrelmail-bn~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ca\", rpm:\"squirrelmail-ca~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cs\", rpm:\"squirrelmail-cs~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cy\", rpm:\"squirrelmail-cy~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cyrus\", rpm:\"squirrelmail-cyrus~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"squirrelmail-da\", rpm:\"squirrelmail-da~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-de\", rpm:\"squirrelmail-de~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-el\", rpm:\"squirrelmail-el~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-en\", rpm:\"squirrelmail-en~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-es\", rpm:\"squirrelmail-es~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-et\", rpm:\"squirrelmail-et~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-eu\", rpm:\"squirrelmail-eu~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fa\", rpm:\"squirrelmail-fa~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fi\", rpm:\"squirrelmail-fi~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fo\", rpm:\"squirrelmail-fo~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fr\", rpm:\"squirrelmail-fr~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fy\", rpm:\"squirrelmail-fy~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-he\", rpm:\"squirrelmail-he~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hr\", rpm:\"squirrelmail-hr~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"squirrelmail-hu\", rpm:\"squirrelmail-hu~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-id\", rpm:\"squirrelmail-id~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-is\", rpm:\"squirrelmail-is~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-it\", rpm:\"squirrelmail-it~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ja\", rpm:\"squirrelmail-ja~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ka\", rpm:\"squirrelmail-ka~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ko\", rpm:\"squirrelmail-ko~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-lt\", rpm:\"squirrelmail-lt~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ms\", rpm:\"squirrelmail-ms~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nb\", rpm:\"squirrelmail-nb~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nl\", rpm:\"squirrelmail-nl~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nn\", rpm:\"squirrelmail-nn~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pl\", rpm:\"squirrelmail-pl~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-poutils\", rpm:\"squirrelmail-poutils~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"squirrelmail-pt\", rpm:\"squirrelmail-pt~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ro\", rpm:\"squirrelmail-ro~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ru\", rpm:\"squirrelmail-ru~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sk\", rpm:\"squirrelmail-sk~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sl\", rpm:\"squirrelmail-sl~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sr\", rpm:\"squirrelmail-sr~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sv\", rpm:\"squirrelmail-sv~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-th\", rpm:\"squirrelmail-th~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-tr\", rpm:\"squirrelmail-tr~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ug\", rpm:\"squirrelmail-ug~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-uk\", rpm:\"squirrelmail-uk~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-vi\", rpm:\"squirrelmail-vi~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_CN\", rpm:\"squirrelmail-zh_CN~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_TW\", rpm:\"squirrelmail-zh_TW~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") 
{\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:25", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:1490.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement protection against\nCross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a\nuser into visiting a malicious web page, the attacker could hijack that\nuser's authentication, inject malicious content into that user's\npreferences, or possibly send mail without that user's permission.\n(CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains a backported patch to correct these issues.", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:1490", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065731", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065731", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_1490.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:1490 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:1490.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement protection against\nCross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a\nuser into visiting a malicious web page, the attacker could hijack that\nuser's authentication, inject malicious content into that user's\npreferences, or possibly send mail without that user's permission.\n(CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains a backported patch to correct these issues.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. 
To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65731\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-2964\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:1490\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-1490.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n script_xref(name : \"URL\" , value : \"http://www.squirrelmail.org/security/issue/2009-08-12\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~16.el3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el4_8.8\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5_4.10\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n 
security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:40:03", "description": "The remote host is missing an update for the 'squirrelmail' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2009:1490 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880918", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880918", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2009:1490 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-October/016185.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880918\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1490\");\n script_cve_id(\"CVE-2009-2964\");\n script_name(\"CentOS Update for squirrelmail CESA-2009:1490 centos4 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squirrelmail'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"squirrelmail on CentOS 4\");\n script_tag(name:\"insight\", value:\"SquirrelMail is a standards-based webmail package written in PHP.\n\n Form submissions in SquirrelMail did not implement protection against\n Cross-Site Request Forgery (CSRF) attacks. 
If a remote attacker tricked a\n user into visiting a malicious web page, the attacker could hijack that\n user's authentication, inject malicious content into that user's\n preferences, or possibly send mail without that user's permission.\n (CVE-2009-2964)\n\n Users of SquirrelMail should upgrade to this updated package, which\n contains a backported patch to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el4_8.8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-25T10:56:31", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-8822.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8822 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:64722", "href": "http://plugins.openvas.org/nasl.php?oid=64722", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8822.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8822 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\n- Implemented page referral verification mechanism. (Secunia Advisory SA34627)\n- Implemented security token system. (Secunia Advisory SA34627)\n\nChangeLog:\n\n* Mon Aug 17 2009 Michal Hlavinka - 1.4.19-2\n- fix #517312 - CSRF issues in all forms (SA34627)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. 
Use \nsu -c 'yum update squirrelmail' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8822\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory FEDORA-2009-8822.\";\n\n\n\nif(description)\n{\n script_id(64722);\n script_cve_id(\"CVE-2009-2964\");\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 11 FEDORA-2009-8822 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=517312\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~2.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": 
"AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:56", "description": "The remote host is missing an update for the 'squirrelmail' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2009:1490 centos3 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310880729", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310880729", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2009:1490 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2009-October/016181.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.880729\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2009:1490\");\n script_cve_id(\"CVE-2009-2964\");\n script_name(\"CentOS Update for squirrelmail CESA-2009:1490 centos3 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squirrelmail'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS3\");\n script_tag(name:\"affected\", value:\"squirrelmail on CentOS 3\");\n script_tag(name:\"insight\", value:\"SquirrelMail is a standards-based webmail package written in PHP.\n\n Form submissions in SquirrelMail did not implement protection against\n Cross-Site Request Forgery (CSRF) attacks. 
If a remote attacker tricked a\n user into visiting a malicious web page, the attacker could hijack that\n user's authentication, inject malicious content into that user's\n preferences, or possibly send mail without that user's permission.\n (CVE-2009-2964)\n\n Users of SquirrelMail should upgrade to this updated package, which\n contains a backported patch to correct these issues.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~16.el3.centos.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:37:09", "description": "The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:1490.", "cvss3": {}, "published": "2009-10-13T00:00:00", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:1490 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231065756", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065756", "sourceData": "#CESA-2009:1490 65756 4\n# $Id: ovcesa2009_1490.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:1490 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:1490\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:1490\nhttps://rhn.redhat.com/errata/RHSA-2009-1490.html\";\ntag_summary = \"The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:1490.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65756\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-13 18:25:40 +0200 (Tue, 13 Oct 2009)\");\n script_cve_id(\"CVE-2009-2964\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:1490 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~16.el3.centos.1\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el4_8.8\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:55:22", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2011-08-09T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2009:1490 centos4 i386", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:880918", "href": "http://plugins.openvas.org/nasl.php?oid=880918", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2009:1490 centos4 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), 
as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is a standards-based webmail package written in PHP.\n\n Form submissions in SquirrelMail did not implement protection against\n Cross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a\n user into visiting a malicious web page, the attacker could hijack that\n user's authentication, inject malicious content into that user's\n preferences, or possibly send mail without that user's permission.\n (CVE-2009-2964)\n \n Users of SquirrelMail should upgrade to this updated package, which\n contains a backported patch to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"squirrelmail on CentOS 4\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-October/016185.html\");\n script_id(880918);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2009:1490\");\n script_cve_id(\"CVE-2009-2964\");\n script_name(\"CentOS Update for squirrelmail 
CESA-2009:1490 centos4 i386\");\n\n script_summary(\"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el4_8.8\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:40", "description": "Oracle Linux Local Security Checks ELSA-2009-1490", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-1490", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122428", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122428", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-1490.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; 
you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122428\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:45:13 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-1490\");\n script_tag(name:\"insight\", value:\"ELSA-2009-1490 - squirrelmail security update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-1490\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-1490.html\");\n script_cve_id(\"CVE-2009-2964\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.0.1.el5_4.10\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:40:25", "description": "This host is running SquirrelMail and is prone to multiple Cross\n Site Request Forgery vulnerabilities.", "cvss3": {}, "published": "2009-08-28T00:00:00", "type": "openvas", "title": "SquirrelMail Multiple Cross-Site Request Forgery Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2019-03-07T00:00:00", "id": "OPENVAS:1361412562310900830", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310900830", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_squirrelmail_csrf_vuln.nasl 14033 2019-03-07 11:09:35Z cfischer $\n#\n# SquirrelMail Multiple Cross-Site Request Forgery Vulnerabilities\n#\n# Authors:\n# Sharath S <sharaths@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2009 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = 'cpe:/a:squirrelmail:squirrelmail';\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.900830\");\n script_version(\"$Revision: 14033 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-07 12:09:35 +0100 (Thu, 07 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2009-08-28 14:39:11 +0200 (Fri, 28 Aug 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2009-2964\");\n script_name(\"SquirrelMail Multiple Cross-Site Request Forgery Vulnerabilities\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"squirrelmail_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n 
script_mandatory_keys(\"squirrelmail/installed\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/34627\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/52406\");\n script_xref(name:\"URL\", value:\"http://www.squirrelmail.org/security/issue/2009-08-12\");\n\n script_tag(name:\"impact\", value:\"Attacker may leverage this issue to modify user preferences, delete emails,\n and potentially send emails, and can hijack the authentication of unspecified victims.\");\n\n script_tag(name:\"affected\", value:\"SquirrelMail version 1.4.19 and prior on Linux.\");\n\n script_tag(name:\"insight\", value:\"Multiple CSRF errors are caused via features such as send message and change\n preferences, related to addrbook_search_html.php, folders_rename_getname.php, folders_rename_do.php,\n folders_subscribe.php, move_messages.php, options.php, options_highlight.php, options_identities.php,\n options_order.php, search.php, addressbook.php, compose.php, folders.php, folders_create.php, vcard.php and\n folders_delete.php in /src and mailbox_display.php in functions directory.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to version 1.4.20 RC1 or later.\");\n\n script_tag(name:\"summary\", value:\"This host is running SquirrelMail and is prone to multiple Cross\n Site Request Forgery vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_xref(name:\"URL\", value:\"http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13818\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) )\n exit( 0 );\n\nif( ! 
vers = get_app_version( cpe:CPE, port:port ) )\n exit( 0 );\n\nif( version_is_less_equal( version:vers, test_version:\"1.4.19\" ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"1.4.20 RC1\" );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:56:22", "description": "The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:222.", "cvss3": {}, "published": "2009-09-02T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:222 (squirrelmail)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:64694", "href": "http://plugins.openvas.org/nasl.php?oid=64694", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_222.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:222 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in squirrelmail:\n\nAll form submissions (send message, change preferences, etc.) in\nSquirrelMail were previously subject to cross-site request forgery\n(CSRF), wherein data could be sent to them from an offsite location,\nwhich could allow an attacker to inject malicious content into\nuser preferences or possibly send emails without user consent\n(CVE-2009-2964).\n\nThis update provides a solution to this vulnerability.\n\nAffected: Corporate 4.0, Enterprise Server 5.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:222\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:222.\";\n\n \n\nif(description)\n{\n script_id(64694);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2009-2964\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:222 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ar\", rpm:\"squirrelmail-ar~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bg\", rpm:\"squirrelmail-bg~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bn\", rpm:\"squirrelmail-bn~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ca\", rpm:\"squirrelmail-ca~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cs\", rpm:\"squirrelmail-cs~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cy\", rpm:\"squirrelmail-cy~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cyrus\", rpm:\"squirrelmail-cyrus~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-da\", rpm:\"squirrelmail-da~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-de\", 
rpm:\"squirrelmail-de~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-el\", rpm:\"squirrelmail-el~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-en\", rpm:\"squirrelmail-en~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-es\", rpm:\"squirrelmail-es~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-et\", rpm:\"squirrelmail-et~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-eu\", rpm:\"squirrelmail-eu~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fa\", rpm:\"squirrelmail-fa~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fi\", rpm:\"squirrelmail-fi~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fo\", rpm:\"squirrelmail-fo~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fr\", rpm:\"squirrelmail-fr~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fy\", rpm:\"squirrelmail-fy~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-he\", rpm:\"squirrelmail-he~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hr\", rpm:\"squirrelmail-hr~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hu\", rpm:\"squirrelmail-hu~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"squirrelmail-id\", rpm:\"squirrelmail-id~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-is\", rpm:\"squirrelmail-is~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-it\", rpm:\"squirrelmail-it~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ja\", rpm:\"squirrelmail-ja~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ka\", rpm:\"squirrelmail-ka~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ko\", rpm:\"squirrelmail-ko~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-lt\", rpm:\"squirrelmail-lt~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ms\", rpm:\"squirrelmail-ms~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nb\", rpm:\"squirrelmail-nb~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nl\", rpm:\"squirrelmail-nl~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nn\", rpm:\"squirrelmail-nn~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pl\", rpm:\"squirrelmail-pl~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-poutils\", rpm:\"squirrelmail-poutils~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pt\", rpm:\"squirrelmail-pt~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n 
report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ro\", rpm:\"squirrelmail-ro~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ru\", rpm:\"squirrelmail-ru~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sk\", rpm:\"squirrelmail-sk~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sl\", rpm:\"squirrelmail-sl~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sr\", rpm:\"squirrelmail-sr~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sv\", rpm:\"squirrelmail-sv~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-th\", rpm:\"squirrelmail-th~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-tr\", rpm:\"squirrelmail-tr~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ug\", rpm:\"squirrelmail-ug~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-uk\", rpm:\"squirrelmail-uk~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-vi\", rpm:\"squirrelmail-vi~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_CN\", rpm:\"squirrelmail-zh_CN~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_TW\", rpm:\"squirrelmail-zh_TW~1.4.19~0.2.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.19~2.2mdvmes5\", 
rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ar\", rpm:\"squirrelmail-ar~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bg\", rpm:\"squirrelmail-bg~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bn\", rpm:\"squirrelmail-bn~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ca\", rpm:\"squirrelmail-ca~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cs\", rpm:\"squirrelmail-cs~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cy\", rpm:\"squirrelmail-cy~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cyrus\", rpm:\"squirrelmail-cyrus~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-da\", rpm:\"squirrelmail-da~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-de\", rpm:\"squirrelmail-de~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-el\", rpm:\"squirrelmail-el~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-en\", rpm:\"squirrelmail-en~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-es\", rpm:\"squirrelmail-es~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-et\", rpm:\"squirrelmail-et~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-eu\", rpm:\"squirrelmail-eu~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) 
!= NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fa\", rpm:\"squirrelmail-fa~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fi\", rpm:\"squirrelmail-fi~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fo\", rpm:\"squirrelmail-fo~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fr\", rpm:\"squirrelmail-fr~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fy\", rpm:\"squirrelmail-fy~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-he\", rpm:\"squirrelmail-he~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hr\", rpm:\"squirrelmail-hr~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hu\", rpm:\"squirrelmail-hu~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-id\", rpm:\"squirrelmail-id~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-is\", rpm:\"squirrelmail-is~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-it\", rpm:\"squirrelmail-it~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ja\", rpm:\"squirrelmail-ja~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ka\", rpm:\"squirrelmail-ka~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ko\", rpm:\"squirrelmail-ko~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += 
res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-lt\", rpm:\"squirrelmail-lt~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ms\", rpm:\"squirrelmail-ms~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nb\", rpm:\"squirrelmail-nb~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nl\", rpm:\"squirrelmail-nl~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nn\", rpm:\"squirrelmail-nn~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pl\", rpm:\"squirrelmail-pl~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-poutils\", rpm:\"squirrelmail-poutils~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pt\", rpm:\"squirrelmail-pt~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ro\", rpm:\"squirrelmail-ro~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ru\", rpm:\"squirrelmail-ru~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sk\", rpm:\"squirrelmail-sk~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sl\", rpm:\"squirrelmail-sl~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sr\", rpm:\"squirrelmail-sr~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sv\", rpm:\"squirrelmail-sv~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif 
((res = isrpmvuln(pkg:\"squirrelmail-th\", rpm:\"squirrelmail-th~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-tr\", rpm:\"squirrelmail-tr~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ug\", rpm:\"squirrelmail-ug~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-uk\", rpm:\"squirrelmail-uk~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-vi\", rpm:\"squirrelmail-vi~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_CN\", rpm:\"squirrelmail-zh_CN~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_TW\", rpm:\"squirrelmail-zh_TW~1.4.19~2.2mdvmes5\", rls:\"MNDK_mes5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-23T13:05:47", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "openvas", "title": "Fedora Update for squirrelmail FEDORA-2010-11422", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2010-1637"], "modified": "2018-01-23T00:00:00", "id": "OPENVAS:1361412562310862309", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862309", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squirrelmail FEDORA-2010-11422\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is 
free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"squirrelmail on Fedora 13\";\ntag_insight = \"SquirrelMail is a basic webmail package written in PHP4. It\n includes built-in pure PHP support for the IMAP and SMTP protocols, and\n all pages render in pure HTML 4.0 (with no JavaScript) for maximum\n compatibility across browsers. 
It has very few requirements and is very\n easy to configure and install.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862309\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-13 14:24:53 +0200 (Fri, 13 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11422\");\n script_cve_id(\"CVE-2010-2813\", \"CVE-2010-1637\");\n script_name(\"Fedora Update for squirrelmail FEDORA-2010-11422\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.21~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:04:44", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "openvas", "title": "Fedora Update for squirrelmail FEDORA-2010-11410", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2010-1637"], "modified": "2018-01-10T00:00:00", "id": "OPENVAS:1361412562310862307", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862307", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squirrelmail FEDORA-2010-11410\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"squirrelmail on Fedora 12\";\ntag_insight = \"SquirrelMail is a basic webmail package written in PHP4. It\n includes built-in pure PHP support for the IMAP and SMTP protocols, and\n all pages render in pure HTML 4.0 (with no JavaScript) for maximum\n compatibility across browsers. 
It has very few requirements and is very\n easy to configure and install.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862307\");\n script_version(\"$Revision: 8356 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 09:00:39 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-13 14:24:53 +0200 (Fri, 13 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11410\");\n script_cve_id(\"CVE-2010-2813\", \"CVE-2010-1637\");\n script_name(\"Fedora Update for squirrelmail FEDORA-2010-11410\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.21~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-02T10:54:39", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "openvas", "title": "Fedora Update for squirrelmail FEDORA-2010-11422", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2010-1637"], "modified": "2017-12-25T00:00:00", "id": "OPENVAS:862309", "href": "http://plugins.openvas.org/nasl.php?oid=862309", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squirrelmail FEDORA-2010-11422\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"squirrelmail on Fedora 13\";\ntag_insight = \"SquirrelMail is a basic webmail package written in PHP4. It\n includes built-in pure PHP support for the IMAP and SMTP protocols, and\n all pages render in pure HTML 4.0 (with no JavaScript) for maximum\n compatibility across browsers. 
It has very few requirements and is very\n easy to configure and install.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html\");\n script_id(862309);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-13 14:24:53 +0200 (Fri, 13 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11422\");\n script_cve_id(\"CVE-2010-2813\", \"CVE-2010-1637\");\n script_name(\"Fedora Update for squirrelmail FEDORA-2010-11422\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.21~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, 
{"lastseen": "2017-12-20T13:18:38", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2010-08-13T00:00:00", "type": "openvas", "title": "Fedora Update for squirrelmail FEDORA-2010-11410", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2010-1637"], "modified": "2017-12-19T00:00:00", "id": "OPENVAS:862307", "href": "http://plugins.openvas.org/nasl.php?oid=862307", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squirrelmail FEDORA-2010-11410\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"squirrelmail on Fedora 12\";\ntag_insight = \"SquirrelMail is a basic webmail package written in PHP4. It\n includes built-in pure PHP support for the IMAP and SMTP protocols, and\n all pages render in pure HTML 4.0 (with no JavaScript) for maximum\n compatibility across browsers. 
It has very few requirements and is very\n easy to configure and install.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html\");\n script_id(862307);\n script_version(\"$Revision: 8164 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-19 07:30:41 +0100 (Tue, 19 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-08-13 14:24:53 +0200 (Fri, 13 Aug 2010)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-11410\");\n script_cve_id(\"CVE-2010-2813\", \"CVE-2010-1637\");\n script_name(\"Fedora Update for squirrelmail FEDORA-2010-11410\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.21~1.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, 
{"lastseen": "2017-07-25T10:51:47", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2013-01-21T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2013:0126 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2124", "CVE-2010-2813"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:881572", "href": "http://plugins.openvas.org/nasl.php?oid=881572", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2013:0126 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is a standards-based webmail package written in PHP.\n\n The SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum\n text stated, correct the CVE-2010-2813 issue, a flaw in the way\n SquirrelMail handled failed log in attempts. A user preference file was\n created when attempting to log in with a password containing an 8-bit\n character, even if the username was not valid. 
A remote attacker could use\n this flaw to eventually consume all hard disk space on the target\n SquirrelMail server. (CVE-2012-2124)\n \n This update also fixes the following bugs:\n \n * Prior to this update, SquirrelMail could not decode multi-line subjects\n properly. Consequently, the decode header internationalization option did\n not properly handle new lines or tabs at the beginning of the lines. This\n bug has been fixed and SquirrelMail now works correctly in the described\n scenario. (BZ#241861)\n \n * Due to a bug, attachments written in HTML code on the Windows operating\n system were not displayed properly when accessed with SquirrelMail; the\n \"!=null\" string was trimmed to \"!ull\". This bug has been fixed and the\n attachments are now displayed correctly in such a case. (BZ#359791)\n \n * Previously, e-mail messages with a Unique Identifier (UID) larger than\n 2^31 bytes were unreadable when using the squirrelmail package. With this\n patch the squirrelmail package is able to read all messages regardless of\n the UIDs size. (BZ#450780)\n \n * Due to a bug, a PHP script did not assign the proper character set to\n requested variables. Consequently, SquirrelMail could not display any\n e-mails. The underlying source code has been modified and now the\n squirrelmail package assigns the correct character set. (BZ#475188)\n \n * Due to the incorrect internationalization option located at the i18n.php\n file, the squirrelmail package could not use the GB 2312 character set. The\n i18n.php file has been fixed and the GB 2312 character set works correctly\n in the described scenario. (BZ#508686)\n \n * Previously, the preg_split() function contained a misspelled constant,\n PREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to produce error\n messages. The name of the constant has been corrected to\n PREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error messages in\n this scenario. 
(BZ#528758)\n \n * Due to Security-Enhanced Linux (SELinux) settings, sending e-mails from\n the SquirrelMail web interface was blocked. This update adds a note to the\n SquirrelMail documentation that describes how to set the SELinux options to\n allow sending e-mails from ... \n\n Description truncated, for more information please check the Reference URL\";\n\n\ntag_affected = \"squirrelmail on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-January/019177.html\");\n script_id(881572);\n script_version(\"$Revision: 6655 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:48:58 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-21 09:41:41 +0530 (Mon, 21 Jan 2013)\");\n script_cve_id(\"CVE-2012-2124\", \"CVE-2010-2813\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2013:0126\");\n script_name(\"CentOS Update for squirrelmail CESA-2013:0126 centos5 \");\n\n script_summary(\"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if 
((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~21.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:49", "description": "The remote host is missing an update for the 'squirrelmail' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2013-01-11T00:00:00", "type": "openvas", "title": "RedHat Update for squirrelmail RHSA-2013:0126-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2124", "CVE-2010-2813"], "modified": "2019-03-12T00:00:00", "id": "OPENVAS:1361412562310870880", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870880", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squirrelmail RHSA-2013:0126-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-January/msg00009.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870880\");\n script_version(\"$Revision: 14114 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-12 12:48:52 +0100 (Tue, 12 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-11 16:42:08 +0530 (Fri, 11 Jan 2013)\");\n script_cve_id(\"CVE-2012-2124\", \"CVE-2010-2813\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2013:0126-01\");\n script_name(\"RedHat Update for squirrelmail RHSA-2013:0126-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squirrelmail'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"squirrelmail on Red Hat Enterprise Linux (v. 
5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"SquirrelMail is a standards-based webmail package written in PHP.\n\n The SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum\n text stated, correct the CVE-2010-2813 issue, a flaw in the way\n SquirrelMail handled failed log in attempts. A user preference file was\n created when attempting to log in with a password containing an 8-bit\n character, even if the username was not valid. A remote attacker could use\n this flaw to eventually consume all hard disk space on the target\n SquirrelMail server. (CVE-2012-2124)\n\n This update also fixes the following bugs:\n\n * Prior to this update, SquirrelMail could not decode multi-line subjects\n properly. Consequently, the decode header internationalization option did\n not properly handle new lines or tabs at the beginning of the lines. This\n bug has been fixed and SquirrelMail now works correctly in the described\n scenario. (BZ#241861)\n\n * Due to a bug, attachments written in HTML code on the Windows operating\n system were not displayed properly when accessed with SquirrelMail. The\n '!=null' string was trimmed to '!ull'. This bug has been fixed and the\n attachments are now displayed correctly in such a case. (BZ#359791)\n\n * Previously, e-mail messages with a Unique Identifier (UID) larger than\n 2^31 bytes were unreadable when using the squirrelmail package. With this\n patch the squirrelmail package is able to read all messages regardless of\n the UIDs size. (BZ#450780)\n\n * Due to a bug, a PHP script did not assign the proper character set to\n requested variables. Consequently, SquirrelMail could not display any\n e-mails. The underlying source code has been modified and now the\n squirrelmail package assigns the correct character set. 
(BZ#475188)\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:48", "description": "The remote host is missing an update for the 'squirrelmail' package(s) announced via the referenced advisory.", "cvss3": {}, "published": "2013-01-21T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2013:0126 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2124", "CVE-2010-2813"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881572", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881572", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2013:0126 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-January/019177.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881572\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-21 09:41:41 +0530 (Mon, 21 Jan 2013)\");\n script_cve_id(\"CVE-2012-2124\", \"CVE-2010-2813\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2013:0126\");\n script_name(\"CentOS Update for squirrelmail CESA-2013:0126 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squirrelmail'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"squirrelmail on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"SquirrelMail is a standards-based webmail package written in PHP.\n\n The SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum\n text stated, correct the CVE-2010-2813 issue, a flaw in the way\n SquirrelMail handled failed log in attempts. 
A user preference file was\n created when attempting to log in with a password containing an 8-bit\n character, even if the username was not valid. A remote attacker could use\n this flaw to eventually consume all hard disk space on the target\n SquirrelMail server. (CVE-2012-2124)\n\n This update also fixes the following bugs:\n\n * Prior to this update, SquirrelMail could not decode multi-line subjects\n properly. Consequently, the decode header internationalization option did\n not properly handle new lines or tabs at the beginning of the lines. This\n bug has been fixed and SquirrelMail now works correctly in the described\n scenario. (BZ#241861)\n\n * Due to a bug, attachments written in HTML code on the Windows operating\n system were not displayed properly when accessed with SquirrelMail. The\n '!=null' string was trimmed to '!ull'. This bug has been fixed and the\n attachments are now displayed correctly in such a case. (BZ#359791)\n\n * Previously, e-mail messages with a Unique Identifier (UID) larger than\n 2^31 bytes were unreadable when using the squirrelmail package. With this\n patch the squirrelmail package is able to read all messages regardless of\n the UIDs size. (BZ#450780)\n\n * Due to a bug, a PHP script did not assign the proper character set to\n requested variables. Consequently, SquirrelMail could not display any\n e-mails. The underlying source code has been modified and now the\n squirrelmail package assigns the correct character set. (BZ#475188)\n\n * Due to the incorrect internationalization option located at the i18n.php\n file, the squirrelmail package could not use the GB 2312 character set. The\n i18n.php file has been fixed and the GB 2312 character set works correctly\n in the described scenario. (BZ#508686)\n\n * Previously, the preg_split() function contained a misspelled constant,\n PREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to produce error\n messages. 
The name of the constant has been corrected to\n PREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error messages in\n this scenario. (BZ#528758)\n\n * Due to Security-Enhanced Linux (SELinux) settings, sending e-mails from\n the SquirrelMail web interface was blocked. This update adds a note to the\n SquirrelMail documentation that describes how to set the SELinux options to\n allow sending e-mails from ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~21.el5.centos\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-27T10:51:52", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2013-01-11T00:00:00", "type": "openvas", "title": "RedHat Update for squirrelmail RHSA-2013:0126-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2124", "CVE-2010-2813"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870880", "href": "http://plugins.openvas.org/nasl.php?oid=870880", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squirrelmail RHSA-2013:0126-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as 
published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is a standards-based webmail package written in PHP.\n\n The SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum\n text stated, correct the CVE-2010-2813 issue, a flaw in the way\n SquirrelMail handled failed log in attempts. A user preference file was\n created when attempting to log in with a password containing an 8-bit\n character, even if the username was not valid. A remote attacker could use\n this flaw to eventually consume all hard disk space on the target\n SquirrelMail server. (CVE-2012-2124)\n\n This update also fixes the following bugs:\n\n * Prior to this update, SquirrelMail could not decode multi-line subjects\n properly. Consequently, the decode header internationalization option did\n not properly handle new lines or tabs at the beginning of the lines. This\n bug has been fixed and SquirrelMail now works correctly in the described\n scenario. (BZ#241861)\n\n * Due to a bug, attachments written in HTML code on the Windows operating\n system were not displayed properly when accessed with SquirrelMail; the\n \"!=null\" string was trimmed to '!ull'. This bug has been fixed and the\n attachments are now displayed correctly in such a case. (BZ#359791)\n\n * Previously, e-mail messages with a Unique Identifier (UID) larger than\n 2^31 bytes were unreadable when using the squirrelmail package. 
With this\n patch the squirrelmail package is able to read all messages regardless of\n the UIDs size. (BZ#450780)\n\n * Due to a bug, a PHP script did not assign the proper character set to\n requested variables. Consequently, SquirrelMail could not display any\n e-mails. The underlying source code has been modified and now the\n squirrelmail package assigns the correct character set. (BZ#475188)\n\n Description truncated, for more information please check the Reference URL\";\n\n\ntag_affected = \"squirrelmail on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-January/msg00009.html\");\n script_id(870880);\n script_version(\"$Revision: 6687 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:46:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-11 16:42:08 +0530 (Fri, 11 Jan 2013)\");\n script_cve_id(\"CVE-2012-2124\", \"CVE-2010-2813\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2013:0126-01\");\n script_name(\"RedHat Update for squirrelmail RHSA-2013:0126-01\");\n\n script_summary(\"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n 
exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~21.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2012:0103 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2753", "CVE-2010-2813", "CVE-2011-2752", "CVE-2011-2023", "CVE-2010-4554", "CVE-2010-4555", "CVE-2010-1637"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881232", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881232", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2012:0103 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-February/018423.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881232\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:53:37 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\",\n \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0103\");\n script_name(\"CentOS Update for squirrelmail CESA-2012:0103 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squirrelmail'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"squirrelmail on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"SquirrelMail is a standards-based webmail package written in PHP.\n\n A cross-site scripting (XSS) flaw was found in the way SquirrelMail\n performed the 
sanitization of HTML style tag content. A remote attacker\n could use this flaw to send a specially-crafted Multipurpose Internet Mail\n Extensions (MIME) message that, when opened by a victim, would lead to\n arbitrary web script execution in the context of their SquirrelMail\n session. (CVE-2011-2023)\n\n Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. A\n remote attacker could possibly use these flaws to execute arbitrary web\n script in the context of a victim's SquirrelMail session. (CVE-2010-4555)\n\n An input sanitization flaw was found in the way SquirrelMail handled the\n content of various HTML input fields. A remote attacker could use this\n flaw to alter user preference values via a newline character contained in\n the input for these fields. (CVE-2011-2752)\n\n It was found that the SquirrelMail Empty Trash and Index Order pages did\n not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote\n attacker could trick a user, who was logged into SquirrelMail, into\n visiting a specially-crafted URL, the attacker could empty the victim's\n trash folder or alter the ordering of the columns on the message index\n page. (CVE-2011-2753)\n\n SquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a\n remote attacker to perform a clickjacking attack against logged in users\n and possibly gain access to sensitive user data. With this update, the\n SquirrelMail main frame can only be loaded into the top most browser frame.\n (CVE-2010-4554)\n\n A flaw was found in the way SquirrelMail handled failed log in attempts. A\n user preference file was created when attempting to log in with a password\n containing an 8-bit character, even if the username was not valid. A\n remote attacker could use this flaw to eventually consume all hard disk\n space on the target SquirrelMail server. (CVE-2010-2813)\n\n A flaw was found in the SquirrelMail Mail Fetch plug-in. 
If an\n administrator enabled this plug-in, a SquirrelMail user could use this flaw\n to port scan the local network the server was on. (CVE-2010-1637)\n\n Users of SquirrelMail should upgrade to this updated package, which\n contains backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5.centos.13\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-02-13T00:00:00", "type": "openvas", "title": "RedHat Update for squirrelmail RHSA-2012:0103-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2753", "CVE-2010-2813", "CVE-2011-2752", "CVE-2011-2023", "CVE-2010-4554", "CVE-2010-4555", "CVE-2010-1637"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870543", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870543", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squirrelmail RHSA-2012:0103-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be 
useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00021.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870543\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-13 16:28:49 +0530 (Mon, 13 Feb 2012)\");\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\",\n \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"RHSA\", value:\"2012:0103-01\");\n script_name(\"RedHat Update for squirrelmail RHSA-2012:0103-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squirrelmail'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_(5|4)\");\n script_tag(name:\"affected\", value:\"squirrelmail on Red Hat Enterprise Linux (v. 
5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"SquirrelMail is a standards-based webmail package written in PHP.\n\n A cross-site scripting (XSS) flaw was found in the way SquirrelMail\n performed the sanitization of HTML style tag content. A remote attacker\n could use this flaw to send a specially-crafted Multipurpose Internet Mail\n Extensions (MIME) message that, when opened by a victim, would lead to\n arbitrary web script execution in the context of their SquirrelMail\n session. (CVE-2011-2023)\n\n Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. A\n remote attacker could possibly use these flaws to execute arbitrary web\n script in the context of a victim's SquirrelMail session. (CVE-2010-4555)\n\n An input sanitization flaw was found in the way SquirrelMail handled the\n content of various HTML input fields. A remote attacker could use this\n flaw to alter user preference values via a newline character contained in\n the input for these fields. (CVE-2011-2752)\n\n It was found that the SquirrelMail Empty Trash and Index Order pages did\n not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote\n attacker could trick a user, who was logged into SquirrelMail, into\n visiting a specially-crafted URL, the attacker could empty the victim's\n trash folder or alter the ordering of the columns on the message index\n page. (CVE-2011-2753)\n\n SquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a\n remote attacker to perform a clickjacking attack against logged in users\n and possibly gain access to sensitive user data. 
With this update, the\n SquirrelMail main frame can only be loaded into the top most browser frame.\n (CVE-2010-4554)\n\n A flaw was found in the way SquirrelMail handled failed log in attempts. A\n user preference file was created when attempting to log in with a password\n containing an 8-bit character, even if the username was not valid. A\n remote attacker could use this flaw to eventually consume all hard disk\n space on the target SquirrelMail server. (CVE-2010-2813)\n\n A flaw was found in the SquirrelMail Mail Fetch plug-in. If an\n administrator enabled this plug-in, a SquirrelMail user could use this flaw\n to port scan the local network the server was on. (CVE-2010-1637)\n\n Users of SquirrelMail should upgrade to this updated package, which\n contains backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5_7.13\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:36", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2012:0103 centos4", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2753", "CVE-2010-2813", "CVE-2011-2752", "CVE-2011-2023", 
"CVE-2010-4554", "CVE-2010-4555", "CVE-2010-1637"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881223", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881223", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2012:0103 centos4\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-February/018422.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881223\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:50:51 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\",\n \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n 
script_xref(name:\"CESA\", value:\"2012:0103\");\n script_name(\"CentOS Update for squirrelmail CESA-2012:0103 centos4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'squirrelmail'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS4\");\n script_tag(name:\"affected\", value:\"squirrelmail on CentOS 4\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"SquirrelMail is a standards-based webmail package written in PHP.\n\n A cross-site scripting (XSS) flaw was found in the way SquirrelMail\n performed the sanitization of HTML style tag content. A remote attacker\n could use this flaw to send a specially-crafted Multipurpose Internet Mail\n Extensions (MIME) message that, when opened by a victim, would lead to\n arbitrary web script execution in the context of their SquirrelMail\n session. (CVE-2011-2023)\n\n Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. A\n remote attacker could possibly use these flaws to execute arbitrary web\n script in the context of a victim's SquirrelMail session. (CVE-2010-4555)\n\n An input sanitization flaw was found in the way SquirrelMail handled the\n content of various HTML input fields. A remote attacker could use this\n flaw to alter user preference values via a newline character contained in\n the input for these fields. (CVE-2011-2752)\n\n It was found that the SquirrelMail Empty Trash and Index Order pages did\n not protect against Cross-Site Request Forgery (CSRF) attacks. 
If a remote\n attacker could trick a user, who was logged into SquirrelMail, into\n visiting a specially-crafted URL, the attacker could empty the victim's\n trash folder or alter the ordering of the columns on the message index\n page. (CVE-2011-2753)\n\n SquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a\n remote attacker to perform a clickjacking attack against logged in users\n and possibly gain access to sensitive user data. With this update, the\n SquirrelMail main frame can only be loaded into the top most browser frame.\n (CVE-2010-4554)\n\n A flaw was found in the way SquirrelMail handled failed log in attempts. A\n user preference file was created when attempting to log in with a password\n containing an 8-bit character, even if the username was not valid. A\n remote attacker could use this flaw to eventually consume all hard disk\n space on the target SquirrelMail server. (CVE-2010-2813)\n\n A flaw was found in the SquirrelMail Mail Fetch plug-in. If an\n administrator enabled this plug-in, a SquirrelMail user could use this flaw\n to port scan the local network the server was on. 
(CVE-2010-1637)\n\n Users of SquirrelMail should upgrade to this updated package, which\n contains backported patches to correct these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~18.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:07", "description": "Oracle Linux Local Security Checks ELSA-2012-0103", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0103", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2753", "CVE-2010-2813", "CVE-2011-2752", "CVE-2011-2023", "CVE-2010-4554", "CVE-2010-4555", "CVE-2010-1637"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123994", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123994", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0103.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or 
FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123994\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:21 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0103\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0103 - squirrelmail security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0103\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0103.html\");\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\", \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.0.1.el5_7.13\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:06:47", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2012:0103 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2753", "CVE-2010-2813", "CVE-2011-2752", "CVE-2011-2023", "CVE-2010-4554", "CVE-2010-4555", "CVE-2010-1637"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:881232", "href": "http://plugins.openvas.org/nasl.php?oid=881232", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2012:0103 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is a standards-based webmail package written in PHP.\n\n A cross-site scripting (XSS) flaw was found in the way SquirrelMail\n performed the sanitization of HTML style tag content. A remote attacker\n could use this flaw to send a specially-crafted Multipurpose Internet Mail\n Extensions (MIME) message that, when opened by a victim, would lead to\n arbitrary web script execution in the context of their SquirrelMail\n session. (CVE-2011-2023)\n \n Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. A\n remote attacker could possibly use these flaws to execute arbitrary web\n script in the context of a victim's SquirrelMail session. (CVE-2010-4555)\n \n An input sanitization flaw was found in the way SquirrelMail handled the\n content of various HTML input fields. A remote attacker could use this\n flaw to alter user preference values via a newline character contained in\n the input for these fields. (CVE-2011-2752)\n \n It was found that the SquirrelMail Empty Trash and Index Order pages did\n not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote\n attacker could trick a user, who was logged into SquirrelMail, into\n visiting a specially-crafted URL, the attacker could empty the victim's\n trash folder or alter the ordering of the columns on the message index\n page. (CVE-2011-2753)\n \n SquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a\n remote attacker to perform a clickjacking attack against logged in users\n and possibly gain access to sensitive user data. 
With this update, the\n SquirrelMail main frame can only be loaded into the top most browser frame.\n (CVE-2010-4554)\n \n A flaw was found in the way SquirrelMail handled failed log in attempts. A\n user preference file was created when attempting to log in with a password\n containing an 8-bit character, even if the username was not valid. A\n remote attacker could use this flaw to eventually consume all hard disk\n space on the target SquirrelMail server. (CVE-2010-2813)\n \n A flaw was found in the SquirrelMail Mail Fetch plug-in. If an\n administrator enabled this plug-in, a SquirrelMail user could use this flaw\n to port scan the local network the server was on. (CVE-2010-1637)\n \n Users of SquirrelMail should upgrade to this updated package, which\n contains backported patches to correct these issues.\";\n\ntag_affected = \"squirrelmail on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-February/018423.html\");\n script_id(881232);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:53:37 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\",\n \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0103\");\n script_name(\"CentOS Update for squirrelmail CESA-2012:0103 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n 
script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5.centos.13\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-03T10:58:41", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2012-02-13T00:00:00", "type": "openvas", "title": "RedHat Update for squirrelmail RHSA-2012:0103-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2753", "CVE-2010-2813", "CVE-2011-2752", "CVE-2011-2023", "CVE-2010-4554", "CVE-2010-4555", "CVE-2010-1637"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:870543", "href": "http://plugins.openvas.org/nasl.php?oid=870543", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for squirrelmail RHSA-2012:0103-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope 
that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is a standards-based webmail package written in PHP.\n\n A cross-site scripting (XSS) flaw was found in the way SquirrelMail\n performed the sanitization of HTML style tag content. A remote attacker\n could use this flaw to send a specially-crafted Multipurpose Internet Mail\n Extensions (MIME) message that, when opened by a victim, would lead to\n arbitrary web script execution in the context of their SquirrelMail\n session. (CVE-2011-2023)\n \n Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. A\n remote attacker could possibly use these flaws to execute arbitrary web\n script in the context of a victim's SquirrelMail session. (CVE-2010-4555)\n \n An input sanitization flaw was found in the way SquirrelMail handled the\n content of various HTML input fields. A remote attacker could use this\n flaw to alter user preference values via a newline character contained in\n the input for these fields. (CVE-2011-2752)\n \n It was found that the SquirrelMail Empty Trash and Index Order pages did\n not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote\n attacker could trick a user, who was logged into SquirrelMail, into\n visiting a specially-crafted URL, the attacker could empty the victim's\n trash folder or alter the ordering of the columns on the message index\n page. 
(CVE-2011-2753)\n \n SquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a\n remote attacker to perform a clickjacking attack against logged in users\n and possibly gain access to sensitive user data. With this update, the\n SquirrelMail main frame can only be loaded into the top most browser frame.\n (CVE-2010-4554)\n \n A flaw was found in the way SquirrelMail handled failed log in attempts. A\n user preference file was created when attempting to log in with a password\n containing an 8-bit character, even if the username was not valid. A\n remote attacker could use this flaw to eventually consume all hard disk\n space on the target SquirrelMail server. (CVE-2010-2813)\n \n A flaw was found in the SquirrelMail Mail Fetch plug-in. If an\n administrator enabled this plug-in, a SquirrelMail user could use this flaw\n to port scan the local network the server was on. (CVE-2010-1637)\n \n Users of SquirrelMail should upgrade to this updated package, which\n contains backported patches to correct these issues.\";\n\ntag_affected = \"squirrelmail on Red Hat Enterprise Linux (v. 
5 server),\n Red Hat Enterprise Linux AS version 4,\n Red Hat Enterprise Linux ES version 4,\n Red Hat Enterprise Linux WS version 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00021.html\");\n script_id(870543);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-13 16:28:49 +0530 (Mon, 13 Feb 2012)\");\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\",\n \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"RHSA\", value: \"2012:0103-01\");\n script_name(\"RedHat Update for squirrelmail RHSA-2012:0103-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5_7.13\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n 
if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"RHENT_4\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~18.el4\", rls:\"RHENT_4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-11T11:07:59", "description": "Check for the Version of squirrelmail", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2012:0103 centos4 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2753", "CVE-2010-2813", "CVE-2011-2752", "CVE-2011-2023", "CVE-2010-4554", "CVE-2010-4555", "CVE-2010-1637"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:881223", "href": "http://plugins.openvas.org/nasl.php?oid=881223", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2012:0103 centos4 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is a standards-based webmail package written in PHP.\n\n A cross-site scripting (XSS) flaw was found in the way SquirrelMail\n performed the sanitization of HTML style tag content. A remote attacker\n could use this flaw to send a specially-crafted Multipurpose Internet Mail\n Extensions (MIME) message that, when opened by a victim, would lead to\n arbitrary web script execution in the context of their SquirrelMail\n session. (CVE-2011-2023)\n \n Multiple cross-site scripting (XSS) flaws were found in SquirrelMail. A\n remote attacker could possibly use these flaws to execute arbitrary web\n script in the context of a victim's SquirrelMail session. (CVE-2010-4555)\n \n An input sanitization flaw was found in the way SquirrelMail handled the\n content of various HTML input fields. A remote attacker could use this\n flaw to alter user preference values via a newline character contained in\n the input for these fields. (CVE-2011-2752)\n \n It was found that the SquirrelMail Empty Trash and Index Order pages did\n not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote\n attacker could trick a user, who was logged into SquirrelMail, into\n visiting a specially-crafted URL, the attacker could empty the victim's\n trash folder or alter the ordering of the columns on the message index\n page. (CVE-2011-2753)\n \n SquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a\n remote attacker to perform a clickjacking attack against logged in users\n and possibly gain access to sensitive user data. 
With this update, the\n SquirrelMail main frame can only be loaded into the top most browser frame.\n (CVE-2010-4554)\n \n A flaw was found in the way SquirrelMail handled failed log in attempts. A\n user preference file was created when attempting to log in with a password\n containing an 8-bit character, even if the username was not valid. A\n remote attacker could use this flaw to eventually consume all hard disk\n space on the target SquirrelMail server. (CVE-2010-2813)\n \n A flaw was found in the SquirrelMail Mail Fetch plug-in. If an\n administrator enabled this plug-in, a SquirrelMail user could use this flaw\n to port scan the local network the server was on. (CVE-2010-1637)\n \n Users of SquirrelMail should upgrade to this updated package, which\n contains backported patches to correct these issues.\";\n\ntag_affected = \"squirrelmail on CentOS 4\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-February/018422.html\");\n script_id(881223);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:50:51 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\",\n \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0103\");\n script_name(\"CentOS Update for squirrelmail CESA-2012:0103 centos4 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n 
script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS4\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~18.el4.centos\", rls:\"CentOS4\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:34:18", "description": "This host is running Apple Mac OS X and\n is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2017-04-18T00:00:00", "type": "openvas", "title": "Apple Mac OS X Multiple Vulnerabilities-01 April-2017", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-0302", "CVE-2009-1579", "CVE-2010-1382", "CVE-2010-0186", "CVE-2010-1374", "CVE-2010-0545", "CVE-2010-0540", "CVE-2010-1381", "CVE-2010-1748", "CVE-2010-0187", "CVE-2010-0734", "CVE-2010-0546", "CVE-2009-1580", "CVE-2009-1581", "CVE-2010-1411", "CVE-2009-1578", "CVE-2009-4212", "CVE-2009-2964", "CVE-2010-0541"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310810929", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810929", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_apple_macosx_mult_vuln01_apr17.nasl 14295 2019-03-18 20:16:46Z cfischer $\n#\n# Apple Mac OS X Multiple Vulnerabilities-01 April-2017\n#\n# Authors:\n# Rinu 
Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810929\");\n script_version(\"$Revision: 14295 $\");\n script_cve_id(\"CVE-2010-0540\", \"CVE-2010-0302\", \"CVE-2010-1748\", \"CVE-2010-0545\",\n \"CVE-2010-0186\", \"CVE-2010-0187\", \"CVE-2010-0546\", \"CVE-2010-1374\",\n \"CVE-2010-1411\", \"CVE-2009-4212\", \"CVE-2010-0734\", \"CVE-2010-0541\",\n \"CVE-2010-1381\", \"CVE-2009-1578\", \"CVE-2009-1579\", \"CVE-2009-1580\",\n \"CVE-2009-1581\", \"CVE-2009-2964\", \"CVE-2010-1382\");\n script_bugtraq_id(40889, 38510, 40897, 40898, 38198, 38200, 40887, 40896, 40823,\n 37749, 38162, 40895, 40893, 34916, 36196, 40892);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 21:16:46 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-18 11:40:44 +0530 (Tue, 18 Apr 2017)\");\n script_name(\"Apple Mac OS X Multiple Vulnerabilities-01 April-2017\");\n\n script_tag(name:\"summary\", value:\"This host is running Apple Mac OS X and\n is 
prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exist due to:\n\n - The Wiki Server does not specify an explicit character set when serving\n HTML documents in response to user requests.\n\n - Multiple errors in SquirrelMail.\n\n - A configuration issue exists in Apple's distribution of Samba, the server\n used for SMB file sharing.\n\n - An input validation error in the Ruby WEBrick HTTP server's handling of\n error pages.\n\n - A buffer overflow exists in libcurl's handling of gzip-compressed web\n content.\n\n - An integer overflow exists in AES and RC4 decryption operations of the\n crypto library in the KDC server.\n\n - Multiple integer overflows in the handling of TIFF files.\n\n - A directory traversal issue exists in iChat's handling of inline\n image transfers.\n\n - A symlink following issue exists in Folder Manager.\n\n - Multiple errors in Adobe Flash Player plug-in.\n\n - An uninitialized memory read issue exists in the CUPS web interface's\n handling of form variables.\n\n - A use-after-free error exists in cupsd.\n\n - A cross-site request forgery issue exists in the CUPS web interface.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow an attacker\n to conduct cross-site scripting attacks, access sensitive information, cause\n an unexpected application termination or arbitrary code execution, upload\n files to arbitrary locations on the filesystem of a user and cause privilege\n escalation.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X and Mac OS X Server\n version 10.5.8, 10.6 through 10.6.3\");\n\n script_tag(name:\"solution\", value:\"Apply the appropriate security patch from\n the reference links.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod\", value:\"30\"); ## Build information is not available\n\n 
script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT4188\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[56]\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\nif(\"Mac OS X\" >< osName)\n{\n ## 10.5.8 prior to build X is also vulnerable.\n if(version_in_range(version:osVer, test_version:\"10.6\", test_version2:\"10.6.3\") ||\n version_in_range(version:osVer, test_version:\"10.5\", test_version2:\"10.5.8\"))\n {\n report = report_fixed_ver(installed_version:osVer, fixed_version:\"10.6.4 or apply patch\");\n security_message(data:report);\n exit(0);\n }\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-04-26T15:08:42", "description": "This host is missing an important security update according to\n Mac OS X Update/Mac OS X Security Update 2012-001.", "cvss3": {}, "published": "2012-02-06T00:00:00", "type": "openvas", "title": "Mac OS X Multiple Vulnerabilities (2012-001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3462", "CVE-2011-3448", "CVE-2011-1148", "CVE-2011-3444", "CVE-2011-1783", "CVE-2011-3246", "CVE-2011-3249", "CVE-2011-3189", "CVE-2011-0241", "CVE-2011-1752", "CVE-2011-1938", "CVE-2011-3449", "CVE-2011-3441", "CVE-2011-3453", "CVE-2011-3422", "CVE-2011-3248", "CVE-2011-2483", "CVE-2011-3457", "CVE-2010-2813", "CVE-2011-3463", "CVE-2011-3389", "CVE-2011-2204", "CVE-2011-3256", "CVE-2011-1657", "CVE-2011-1167", "CVE-2011-3252", "CVE-2011-3268", "CVE-2011-3328", "CVE-2011-2023", "CVE-2011-3182", "CVE-2010-4554", "CVE-2011-1921", 
"CVE-2011-3459", "CVE-2010-4555", "CVE-2011-3250", "CVE-2011-0200", "CVE-2011-3267", "CVE-2011-3458", "CVE-2011-3447", "CVE-2011-3460", "CVE-2011-3348", "CVE-2011-2202", "CVE-2011-3452", "CVE-2011-3450", "CVE-2011-2895", "CVE-2010-1637", "CVE-2011-2937", "CVE-2011-2192"], "modified": "2020-04-22T00:00:00", "id": "OPENVAS:1361412562310802392", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310802392", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mac OS X Multiple Vulnerabilities (2012-001)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.802392\");\n script_version(\"2020-04-22T10:27:30+0000\");\n script_cve_id(\"CVE-2011-3444\", \"CVE-2011-3348\", \"CVE-2011-3389\", \"CVE-2011-3246\",\n \"CVE-2011-3447\", \"CVE-2011-0200\", \"CVE-2011-3252\", \"CVE-2011-3448\",\n \"CVE-2011-3449\", \"CVE-2011-3450\", \"CVE-2011-2192\", \"CVE-2011-2895\",\n \"CVE-2011-3452\", \"CVE-2011-3441\", \"CVE-2011-3453\", \"CVE-2011-3422\",\n \"CVE-2011-3457\", \"CVE-2011-1148\", \"CVE-2011-1657\", \"CVE-2011-1938\",\n \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3189\",\n \"CVE-2011-3267\", \"CVE-2011-3268\", \"CVE-2011-3256\", \"CVE-2011-3328\",\n \"CVE-2011-3458\", \"CVE-2011-3248\", \"CVE-2011-3459\", \"CVE-2011-3250\",\n \"CVE-2011-3460\", \"CVE-2011-3249\", \"CVE-2010-1637\", \"CVE-2010-2813\",\n \"CVE-2010-4554\", \"CVE-2010-4555\", \"CVE-2011-2023\", \"CVE-2011-1752\",\n \"CVE-2011-1783\", \"CVE-2011-1921\", \"CVE-2011-3462\", \"CVE-2011-2204\",\n \"CVE-2011-3463\", \"CVE-2011-2937\", \"CVE-2011-0241\", \"CVE-2011-1167\");\n script_bugtraq_id(51810, 49616, 49778, 50115, 51813, 48416, 50065, 51817, 51812,\n 51815, 48434, 49124, 48833, 46951, 49744, 51819, 50641, 51807,\n 49429, 51808, 46843, 49252, 47950, 48259, 49241, 49249, 49376,\n 50155, 51809, 50400, 51811, 50401, 51814, 50404, 40291, 42399,\n 48648, 48091, 51818, 48456, 51816, 49229, 47820, 49303, 50092,\n 50112, 50091, 50099, 48007, 48566, 37118);\n script_tag(name:\"last_modification\", value:\"2020-04-22 10:27:30 +0000 (Wed, 22 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-02-06 17:42:28 +0530 (Mon, 06 Feb 2012)\");\n 
script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X Multiple Vulnerabilities (2012-001)\");\n script_xref(name:\"URL\", value:\"http://support.apple.com/kb/HT5130\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/47843/\");\n script_xref(name:\"URL\", value:\"http://securitytracker.com/id/1026627\");\n script_xref(name:\"URL\", value:\"http://lists.apple.com/archives/security-announce/2012/Feb/msg00001.html\");\n\n script_copyright(\"Copyright (C) 2012 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\", re:\"ssh/login/osx_version=^10\\.[67]\\.\");\n script_tag(name:\"impact\", value:\"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial-of-service condition.\");\n script_tag(name:\"affected\", value:\"Address Book, Apache, CFNetwork, ColorSync, CoreAudio, CoreText, CoreUI,\n curl, Data Security, dovecot, filecmds, ImageIO, Internet Sharing, Libinfo,\n libresolv, libsecurity, OpenGL, PHP, QuickTime, SquirrelMail, X11, Webmail,\n Tomcat, WebDAV Sharing.\");\n script_tag(name:\"insight\", value:\"For more information on the vulnerabilities refer to the reference section.\");\n script_tag(name:\"solution\", value:\"Upgrade to Mac OS X 10.7.3 or\n Run Mac Updates and update the Security Update 2012-001\");\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Mac OS X Update/Mac OS X Security Update 2012-001.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", 
value:\"http://support.apple.com/kb/HT1222\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"pkg-lib-macosx.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer)\n exit(0);\n\nif(\"Mac OS X\" >< osName)\n{\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2012.001\"))\n {\n report = report_fixed_ver(installed_version:osVer, vulnerable_range:\"Equal to 10.6.8\");\n security_message(port:0, data:report);\n exit(0);\n }\n }\n\n if(version_in_range(version:osVer, test_version:\"10.7\", test_version2:\"10.7.2\"))\n {\n report = report_fixed_ver(installed_version:osVer, vulnerable_range:\"10.7 - 10.7.2\");\n security_message(port:0, data:report);\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-19T10:50:27", "description": "This host is missing an important security update according to\n Mac OS X Update/Mac OS X Security Update 2012-001.", "cvss3": {}, "published": "2012-02-06T00:00:00", "type": "openvas", "title": "Mac OS X Multiple Vulnerabilities (2012-001)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3462", "CVE-2011-3448", "CVE-2011-1148", "CVE-2011-3444", "CVE-2011-1783", "CVE-2011-3246", "CVE-2011-3249", "CVE-2011-3189", "CVE-2011-0241", "CVE-2011-1752", "CVE-2011-1938", "CVE-2011-3449", "CVE-2011-3441", "CVE-2011-3453", "CVE-2011-3422", "CVE-2011-3248", "CVE-2011-2483", "CVE-2011-3457", "CVE-2010-2813", "CVE-2011-3463", "CVE-2011-3389", "CVE-2011-2204", "CVE-2011-3256", "CVE-2011-1657", "CVE-2011-1167", "CVE-2011-3252", "CVE-2011-3268", "CVE-2011-3328", "CVE-2011-2023", "CVE-2011-3182", "CVE-2010-4554", "CVE-2011-1921", "CVE-2011-3459", "CVE-2010-4555", "CVE-2011-3250", "CVE-2011-0200", "CVE-2011-3267", "CVE-2011-3458", "CVE-2011-3447", "CVE-2011-3460", "CVE-2011-3348", "CVE-2011-2202", 
"CVE-2011-3452", "CVE-2011-3450", "CVE-2011-2895", "CVE-2010-1637", "CVE-2011-2937", "CVE-2011-2192"], "modified": "2017-07-04T00:00:00", "id": "OPENVAS:802392", "href": "http://plugins.openvas.org/nasl.php?oid=802392", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_macosx_su12-001.nasl 6521 2017-07-04 14:51:10Z cfischer $\n#\n# Mac OS X Multiple Vulnerabilities (2012-001)\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation could allow attackers to execute arbitrary code in\n the context of the browser, inject scripts, bypass certain security\n restrictions or cause a denial-of-service condition.\n Impact Level: System/Application\";\ntag_affected = \"Address Book, Apache, CFNetwork, ColorSync, CoreAudio, CoreText, CoreUI\n curl, Data Security, dovecot, filecmds, ImageIO, Internet Sharing, Libinfo,\n libresolv, libsecurity, OpenGL, PHP, QuickTime, SquirrelMail, X11, Webmail,\n Tomcat, WebDAV Sharing.\";\ntag_insight = \"For more information on the vulnerabilities refer the reference section.\";\ntag_solution = \"Upgrade to Mac OS X 10.7.3 or\n Run Mac Updates and update the Security Update 2012-001\n For updates refer to http://support.apple.com/kb/HT1222\";\ntag_summary = \"This host is missing an important security update according to\n Mac OS X Update/Mac OS X Security Update 2012-001.\";\n\nif(description)\n{\n script_id(802392);\n script_version(\"$Revision: 6521 $\");\n script_cve_id(\"CVE-2011-3444\", \"CVE-2011-3348\", \"CVE-2011-3389\", \"CVE-2011-3246\",\n \"CVE-2011-3447\", \"CVE-2011-0200\", \"CVE-2011-3252\", \"CVE-2011-3448\",\n \"CVE-2011-3449\", \"CVE-2011-3450\", \"CVE-2011-2192\", \"CVE-2011-2895\",\n \"CVE-2011-3452\", \"CVE-2011-3441\", \"CVE-2011-3453\", \"CVE-2011-3422\",\n \"CVE-2011-3457\", \"CVE-2011-1148\", \"CVE-2011-1657\", \"CVE-2011-1938\",\n \"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3182\", \"CVE-2011-3189\",\n \"CVE-2011-3267\", \"CVE-2011-3268\", \"CVE-2011-3256\", \"CVE-2011-3328\",\n \"CVE-2011-3458\", \"CVE-2011-3248\", \"CVE-2011-3459\", \"CVE-2011-3250\",\n 
\"CVE-2011-3460\", \"CVE-2011-3249\", \"CVE-2010-1637\", \"CVE-2010-2813\",\n \"CVE-2010-4554\", \"CVE-2010-4555\", \"CVE-2011-2023\", \"CVE-2011-1752\",\n \"CVE-2011-1783\", \"CVE-2011-1921\", \"CVE-2011-3462\", \"CVE-2011-2204\",\n \"CVE-2011-3463\", \"CVE-2011-2937\", \"CVE-2011-0241\", \"CVE-2011-1167\");\n script_bugtraq_id(51810, 49616, 49778, 50115, 51813, 48416, 50065, 51817, 51812,\n 51815, 48434, 49124, 48833, 46951, 49744, 51819, 50641, 51807,\n 49429, 51808, 46843, 49252, 47950, 48259, 49241, 49249, 49376,\n 50155, 51809, 50400, 51811, 50401, 51814, 50404, 40291, 42399,\n 48648, 48091, 51818, 48456, 51816, 49229, 47820, 49303, 50092,\n 50112, 50091, 50099, 48007, 48566, 37118);\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-04 16:51:10 +0200 (Tue, 04 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-06 17:42:28 +0530 (Mon, 06 Feb 2012)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Mac OS X Multiple Vulnerabilities (2012-001)\");\n script_xref(name : \"URL\" , value : \"http://support.apple.com/kb/HT5130\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/47843/\");\n script_xref(name : \"URL\" , value : \"http://securitytracker.com/id/1026627\");\n script_xref(name : \"URL\" , value : \"http://lists.apple.com/archives/security-announce/2012/Feb/msg00001.html\");\n\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : 
\"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\ninclude(\"pkg-lib-macosx.inc\");\n\n## Variables Initialization\nosName = \"\";\nosVer = NULL;\n\n## Get the OS name\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName){\n exit (0);\n}\n\n## Get the OS Version\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer){\n exit(0);\n}\n\n## Check for the Mac OS X and Mac OS X Server\nif(\"Mac OS X\" >< osName)\n{\n ## Check the affected OS versions\n if(version_is_equal(version:osVer, test_version:\"10.6.8\"))\n {\n ## Check for the security update 2011.006\n if(isosxpkgvuln(fixed:\"com.apple.pkg.update.security.\", diff:\"2012.001\"))\n {\n security_message(0);\n exit(0);\n }\n }\n\n ## Check if OS is 10.7 through 10.7.2\n if(version_in_range(version:osVer, test_version:\"10.7\", test_version2:\"10.7.2\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "osv": [{"lastseen": "2022-08-10T07:08:45", "description": "\nSquirrelMail, a webmail application, does not employ a user-specific token \nfor webforms. This allows a remote attacker to perform a Cross Site Request \nForgery (CSRF) attack. 
The attacker may hijack the authentication of \nunspecified victims and send messages or change user preferences among other \nactions, by tricking the victim into following a link controlled by the \noffender.\n\n\nIn addition, a denial-of-service was fixed, which could be triggered when a \npassword containing 8-bit characters was used to log in ([CVE-2010-2813](https://security-tracker.debian.org/tracker/CVE-2010-2813)).\n\n\nFor the stable distribution (lenny), these problems have been fixed in\nversion 1.4.15-4+lenny3.1.\n\n\nFor the testing distribution (squeeze) and the unstable distribution (sid),\nthese problems have been fixed in version 1.4.21-1.\n\n\nWe recommend that you upgrade your squirrelmail packages.\n\n\n", "cvss3": {}, "published": "2010-08-12T00:00:00", "type": "osv", "title": "squirrelmail - cross-site request forgery", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2964", "CVE-2010-2813"], "modified": "2022-08-10T07:08:38", "id": "OSV:DSA-2091-1", "href": "https://osv.dev/vulnerability/DSA-2091-1", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-08-19T13:03:31", "description": "Fixes literal processing of 8-bit usernames/passwords during login (CVE-2010-2813): * http://squirrelmail.org/security/issue/2010-07-23\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-12T00:00:00", "type": "nessus", "title": "Fedora 12 : squirrelmail-1.4.21-1.fc12 (2010-11410)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-11410.NASL", "href": "https://www.tenable.com/plugins/nessus/48304", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-11410.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48304);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-2813\");\n script_xref(name:\"FEDORA\", value:\"2010-11410\");\n\n script_name(english:\"Fedora 12 : squirrelmail-1.4.21-1.fc12 (2010-11410)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes literal processing of 8-bit usernames/passwords during login\n(CVE-2010-2813): * http://squirrelmail.org/security/issue/2010-07-23\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://squirrelmail.org/security/issue/2010-07-23\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=618096\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-August/045372.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?14f7e3ca\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 
\"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"squirrelmail-1.4.21-1.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T13:03:24", "description": "Fixes literal processing of 8-bit usernames/passwords during login (CVE-2010-2813): * http://squirrelmail.org/security/issue/2010-07-23\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2010-08-12T00:00:00", "type": "nessus", "title": "Fedora 13 : squirrelmail-1.4.21-1.fc13 (2010-11422)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2010-11422.NASL", "href": "https://www.tenable.com/plugins/nessus/48305", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-11422.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(48305);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-2813\");\n script_xref(name:\"FEDORA\", value:\"2010-11422\");\n\n script_name(english:\"Fedora 13 : squirrelmail-1.4.21-1.fc13 (2010-11422)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes literal processing of 8-bit usernames/passwords during login\n(CVE-2010-2813): * http://squirrelmail.org/security/issue/2010-07-23\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://squirrelmail.org/security/issue/2010-07-23\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=618096\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-August/045383.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4fdd4c1d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/07/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 
\"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"squirrelmail-1.4.21-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T13:03:07", "description": "The remote host is running SquirrelMail, a web-based email client.\n\nVersions of SquirrelMail earlier than 1.4.21 are potentially affected by a denial-of-service vulnerability. By submitting a random login with 8-bit characters in the password, it is possible to cause SquirrelMail to create a preferences file even if the login is not valid. 
An attacker, exploiting this flaw, could create enough files to cause the server to run out of disk space.", "cvss3": {"score": 5.3, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}, "published": "2010-08-13T00:00:00", "type": "nessus", "title": "SquirrelMail < 1.4.21 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*"], "id": "5629.PRM", "href": "https://www.tenable.com/plugins/nnm/5629", "sourceData": "Binary data 5629.prm", "cvss": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T13:06:55", "description": "- Implemented page referal verification mechanism.\n (Secunia Advisory SA34627)\n\n - Implemented security token system. (Secunia Advisory SA34627)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "Fedora 11 : squirrelmail-1.4.19-2.fc11 (2009-8822)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2009-8822.NASL", "href": "https://www.tenable.com/plugins/nessus/40686", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-8822.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40686);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n 
script_cve_id(\"CVE-2009-2964\");\n script_xref(name:\"FEDORA\", value:\"2009-8822\");\n\n script_name(english:\"Fedora 11 : squirrelmail-1.4.19-2.fc11 (2009-8822)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Implemented page referal verification mechanism.\n (Secunia Advisory SA34627)\n\n - Implemented security token system. (Secunia Advisory\n SA34627)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=517312\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-August/028224.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3a69e104\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n 
script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"squirrelmail-1.4.19-2.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:18", "description": "An updated squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement protection against Cross-Site Request Forgery (CSRF) attacks. 
If a remote attacker tricked a user into visiting a malicious web page, the attacker could hijack that user's authentication, inject malicious content into that user's preferences, or possibly send mail without that user's permission. (CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which contains a backported patch to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-10-09T00:00:00", "type": "nessus", "title": "CentOS 3 / 4 : squirrelmail (CESA-2009:1490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:squirrelmail", "cpe:/o:centos:centos:3", "cpe:/o:centos:centos:4"], "id": "CENTOS_RHSA-2009-1490.NASL", "href": "https://www.tenable.com/plugins/nessus/42071", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1490 and \n# CentOS Errata and Security Advisory 2009:1490 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42071);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-2964\");\n script_bugtraq_id(36196);\n script_xref(name:\"RHSA\", value:\"2009:1490\");\n\n script_name(english:\"CentOS 3 / 4 : squirrelmail (CESA-2009:1490)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squirrelmail package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security 
Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement protection against\nCross-Site Request Forgery (CSRF) attacks. If a remote attacker\ntricked a user into visiting a malicious web page, the attacker could\nhijack that user's authentication, inject malicious content into that\nuser's preferences, or possibly send mail without that user's\npermission. (CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains a backported patch to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016181.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?47e6f08f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016182.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5a30b9c2\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016185.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a3723943\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-October/016186.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8e2bf560\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"squirrelmail-1.4.8-16.el3.centos.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"squirrelmail-1.4.8-16.el3.centos.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", reference:\"squirrelmail-1.4.8-5.el4_8.8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:47", "description": "CVE-2009-2964 squirrelmail: CSRF issues in all forms\n\nForm submissions in SquirrelMail did not implement protection against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a user into visiting a malicious web page, the attacker could hijack that user's authentication, inject malicious content into that user's preferences, or possibly send mail without that user's permission. 
(CVE-2009-2964)", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : squirrelmail on SL3.x, SL4.x, SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20091008_SQUIRRELMAIL_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60676", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60676);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2964\");\n\n script_name(english:\"Scientific Linux Security Update : squirrelmail on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2009-2964 squirrelmail: CSRF issues in all forms\n\nForm submissions in SquirrelMail did not implement protection against\nCross-Site Request Forgery (CSRF) attacks. If a remote attacker\ntricked a user into visiting a malicious web page, the attacker could\nhijack that user's authentication, inject malicious content into that\nuser's preferences, or possibly send mail without that user's\npermission. 
(CVE-2009-2964)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0910&L=scientific-linux-errata&T=0&P=1068\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a17d921e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"squirrelmail-1.4.8-16.el3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"squirrelmail-1.4.8-5.el4_8.8\")) 
flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"squirrelmail-1.4.8-5.el5_4.10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:54", "description": "The remote host is running SquirrelMail, a web-based email client. The installed version of SquirrelMail is potentially affected by cross-site request forgery vulnerabilities on all form submissions.", "cvss3": {"score": 3.7, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}, "published": "2009-08-12T00:00:00", "type": "nessus", "title": "SquirrelMail < 1.4.20 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*"], "id": "5147.PRM", "href": "https://www.tenable.com/plugins/nnm/5147", "sourceData": "Binary data 5147.prm", "cvss": {"score": 4.3, "vector": "CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-08-19T12:54:18", "description": "From Red Hat Security Advisory 2009:1490 :\n\nAn updated squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement protection against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a user into visiting a malicious web page, the attacker could hijack that user's authentication, inject malicious content into that user's preferences, or possibly send mail without that user's permission. 
(CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which contains a backported patch to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 3 / 4 / 5 : squirrelmail (ELSA-2009-1490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:squirrelmail", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-1490.NASL", "href": "https://www.tenable.com/plugins/nessus/67938", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:1490 and \n# Oracle Linux Security Advisory ELSA-2009-1490 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67938);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2964\");\n script_bugtraq_id(36196);\n script_xref(name:\"RHSA\", value:\"2009:1490\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : squirrelmail (ELSA-2009-1490)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:1490 :\n\nAn updated squirrelmail package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement 
protection against\nCross-Site Request Forgery (CSRF) attacks. If a remote attacker\ntricked a user into visiting a malicious web page, the attacker could\nhijack that user's authentication, inject malicious content into that\nuser's preferences, or possibly send mail without that user's\npermission. (CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains a backported patch to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-October/001190.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-October/001191.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-October/001192.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", 
value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"squirrelmail-1.4.8-16.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"squirrelmail-1.4.8-16.0.1.el3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"squirrelmail-1.4.8-5.0.1.el4_8.8\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"squirrelmail-1.4.8-5.0.1.el5_4.10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:07:03", "description": "- Implemented page referal verification mechanism.\n (Secunia Advisory SA34627)\n\n - Implemented security token system. (Secunia Advisory SA34627)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-08-24T00:00:00", "type": "nessus", "title": "Fedora 10 : squirrelmail-1.4.19-2.fc10 (2009-8797)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-8797.NASL", "href": "https://www.tenable.com/plugins/nessus/40678", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-8797.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40678);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-2964\");\n script_xref(name:\"FEDORA\", value:\"2009-8797\");\n\n script_name(english:\"Fedora 10 : squirrelmail-1.4.19-2.fc10 (2009-8797)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Implemented page referal verification mechanism.\n (Secunia Advisory SA34627)\n\n - Implemented security token system. (Secunia Advisory\n SA34627)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=517312\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-August/028197.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?76f42a4b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/08/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"squirrelmail-1.4.19-2.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T13:06:16", "description": "An updated squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement protection against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a user into visiting a malicious web page, the attacker could hijack that user's authentication, inject malicious content into that user's preferences, or possibly send mail without that user's permission. 
(CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which contains a backported patch to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-10-09T00:00:00", "type": "nessus", "title": "RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:1490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squirrelmail", "cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:4.8", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.4"], "id": "REDHAT-RHSA-2009-1490.NASL", "href": "https://www.tenable.com/plugins/nessus/42077", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:1490. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(42077);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-2964\");\n script_bugtraq_id(36196);\n script_xref(name:\"RHSA\", value:\"2009:1490\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:1490)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squirrelmail package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm 
submissions in SquirrelMail did not implement protection against\nCross-Site Request Forgery (CSRF) attacks. If a remote attacker\ntricked a user into visiting a malicious web page, the attacker could\nhijack that user's authentication, inject malicious content into that\nuser's preferences, or possibly send mail without that user's\npermission. (CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains a backported patch to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-2964\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2009-08-12\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:1490\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/08/25\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/10/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:1490\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"squirrelmail-1.4.8-16.el3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"squirrelmail-1.4.8-5.el4_8.8\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"squirrelmail-1.4.8-5.el5_4.10\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-03-27T18:10:40", "description": "An updated squirrelmail package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. 
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nThe SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum text stated, correct the CVE-2010-2813 issue, a flaw in the way SquirrelMail handled failed log in attempts. A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server. (CVE-2012-2124)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, SquirrelMail could not decode multi-line subjects properly. Consequently, the decode header internationalization option did not properly handle new lines or tabs at the beginning of the lines. This bug has been fixed and SquirrelMail now works correctly in the described scenario.\n(BZ#241861)\n\n* Due to a bug, attachments written in HTML code on the Windows operating system were not displayed properly when accessed with SquirrelMail; the '!=null' string was trimmed to '!ull'. This bug has been fixed and the attachments are now displayed correctly in such a case. (BZ#359791)\n\n* Previously, e-mail messages with a Unique Identifier (UID) larger than 2^31 bytes were unreadable when using the squirrelmail package.\nWith this patch the squirrelmail package is able to read all messages regardless of the UIDs size. (BZ#450780)\n\n* Due to a bug, a PHP script did not assign the proper character set to requested variables. Consequently, SquirrelMail could not display any e-mails. The underlying source code has been modified and now the squirrelmail package assigns the correct character set. 
(BZ#475188)\n\n* Due to the incorrect internationalization option located at the i18n.php file, the squirrelmail package could not use the GB 2312 character set. The i18n.php file has been fixed and the GB 2312 character set works correctly in the described scenario. (BZ#508686)\n\n* Previously, the preg_split() function contained a misspelled constant, PREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to produce error messages. The name of the constant has been corrected to PREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error messages in this scenario. (BZ#528758)\n\n* Due to Security-Enhanced Linux (SELinux) settings, sending e-mails from the SquirrelMail web interface was blocked. This update adds a note to the SquirrelMail documentation that describes how to set the SELinux options to allow sending e-mails from the SquirrelMail web interface. (BZ#745380)\n\n* Previously, the squirrelmail package did not comply with the RFC 2822 specification about line length limits. Consequently, attachments with lines longer than 998 characters could not be forwarded using SquirrelMail. This patch modifies the underlying source code and now SquirrelMail complies with the RFC 2822 specification as expected.\n(BZ#745469)\n\n* Prior to this update, the squirrelmail package required the php-common script instead of the mod_php script during installation or upgrade of the package, which led to a dependency error. As a result, attempting to install or upgrade the squirrelmail package failed on systems using the php53 packages. With this update, the dependencies of the squirrelmail package were changed and the installation or upgrade now works correctly in the described scenario. 
(BZ#789353)\n\nAll users of SquirrelMail are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-08T00:00:00", "type": "nessus", "title": "RHEL 5 : squirrelmail (RHSA-2013:0126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2012-2124"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squirrelmail", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2013-0126.NASL", "href": "https://www.tenable.com/plugins/nessus/63409", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0126. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63409);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2124\");\n script_xref(name:\"RHSA\", value:\"2013:0126\");\n\n script_name(english:\"RHEL 5 : squirrelmail (RHSA-2013:0126)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squirrelmail package that fixes one security issue and\nseveral bugs is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. 
A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nThe SquirrelMail security update RHSA-2012:0103 did not, unlike the\nerratum text stated, correct the CVE-2010-2813 issue, a flaw in the\nway SquirrelMail handled failed log in attempts. A user preference\nfile was created when attempting to log in with a password containing\nan 8-bit character, even if the username was not valid. A remote\nattacker could use this flaw to eventually consume all hard disk space\non the target SquirrelMail server. (CVE-2012-2124)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, SquirrelMail could not decode multi-line\nsubjects properly. Consequently, the decode header\ninternationalization option did not properly handle new lines or tabs\nat the beginning of the lines. This bug has been fixed and\nSquirrelMail now works correctly in the described scenario.\n(BZ#241861)\n\n* Due to a bug, attachments written in HTML code on the Windows\noperating system were not displayed properly when accessed with\nSquirrelMail; the '!=null' string was trimmed to '!ull'. This bug has\nbeen fixed and the attachments are now displayed correctly in such a\ncase. (BZ#359791)\n\n* Previously, e-mail messages with a Unique Identifier (UID) larger\nthan 2^31 bytes were unreadable when using the squirrelmail package.\nWith this patch the squirrelmail package is able to read all messages\nregardless of the UIDs size. (BZ#450780)\n\n* Due to a bug, a PHP script did not assign the proper character set\nto requested variables. Consequently, SquirrelMail could not display\nany e-mails. The underlying source code has been modified and now the\nsquirrelmail package assigns the correct character set. 
(BZ#475188)\n\n* Due to the incorrect internationalization option located at the\ni18n.php file, the squirrelmail package could not use the GB 2312\ncharacter set. The i18n.php file has been fixed and the GB 2312\ncharacter set works correctly in the described scenario. (BZ#508686)\n\n* Previously, the preg_split() function contained a misspelled\nconstant, PREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to\nproduce error messages. The name of the constant has been corrected to\nPREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error\nmessages in this scenario. (BZ#528758)\n\n* Due to Security-Enhanced Linux (SELinux) settings, sending e-mails\nfrom the SquirrelMail web interface was blocked. This update adds a\nnote to the SquirrelMail documentation that describes how to set the\nSELinux options to allow sending e-mails from the SquirrelMail web\ninterface. (BZ#745380)\n\n* Previously, the squirrelmail package did not comply with the RFC\n2822 specification about line length limits. Consequently, attachments\nwith lines longer than 998 characters could not be forwarded using\nSquirrelMail. This patch modifies the underlying source code and now\nSquirrelMail complies with the RFC 2822 specification as expected.\n(BZ#745469)\n\n* Prior to this update, the squirrelmail package required the\nphp-common script instead of the mod_php script during installation or\nupgrade of the package, which led to a dependency error. As a result,\nattempting to install or upgrade the squirrelmail package failed on\nsystems using the php53 packages. With this update, the dependencies\nof the squirrelmail package were changed and the installation or\nupgrade now works correctly in the described scenario. 
(BZ#789353)\n\nAll users of SquirrelMail are advised to upgrade to this updated\npackage, which contains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rhn.redhat.com/errata/RHSA-2012-0103.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2124\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0126\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", reference:\"squirrelmail-1.4.8-21.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if 
(tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n }\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-03-27T18:12:39", "description": "An updated squirrelmail package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nThe SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum text stated, correct the CVE-2010-2813 issue, a flaw in the way SquirrelMail handled failed log in attempts. A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server. (CVE-2012-2124)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, SquirrelMail could not decode multi-line subjects properly. Consequently, the decode header internationalization option did not properly handle new lines or tabs at the beginning of the lines. This bug has been fixed and SquirrelMail now works correctly in the described scenario.\n(BZ#241861)\n\n* Due to a bug, attachments written in HTML code on the Windows operating system were not displayed properly when accessed with SquirrelMail; the '!=null' string was trimmed to '!ull'. This bug has been fixed and the attachments are now displayed correctly in such a case. 
(BZ#359791)\n\n* Previously, e-mail messages with a Unique Identifier (UID) larger than 2^31 bytes were unreadable when using the squirrelmail package.\nWith this patch the squirrelmail package is able to read all messages regardless of the UIDs size. (BZ#450780)\n\n* Due to a bug, a PHP script did not assign the proper character set to requested variables. Consequently, SquirrelMail could not display any e-mails. The underlying source code has been modified and now the squirrelmail package assigns the correct character set. (BZ#475188)\n\n* Due to the incorrect internationalization option located at the i18n.php file, the squirrelmail package could not use the GB 2312 character set. The i18n.php file has been fixed and the GB 2312 character set works correctly in the described scenario. (BZ#508686)\n\n* Previously, the preg_split() function contained a misspelled constant, PREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to produce error messages. The name of the constant has been corrected to PREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error messages in this scenario. (BZ#528758)\n\n* Due to Security-Enhanced Linux (SELinux) settings, sending e-mails from the SquirrelMail web interface was blocked. This update adds a note to the SquirrelMail documentation that describes how to set the SELinux options to allow sending e-mails from the SquirrelMail web interface. (BZ#745380)\n\n* Previously, the squirrelmail package did not comply with the RFC 2822 specification about line length limits. Consequently, attachments with lines longer than 998 characters could not be forwarded using SquirrelMail. This patch modifies the underlying source code and now SquirrelMail complies with the RFC 2822 specification as expected.\n(BZ#745469)\n\n* Prior to this update, the squirrelmail package required the php-common script instead of the mod_php script during installation or upgrade of the package, which led to a dependency error. 
As a result, attempting to install or upgrade the squirrelmail package failed on systems using the php53 packages. With this update, the dependencies of the squirrelmail package were changed and the installation or upgrade now works correctly in the described scenario. (BZ#789353)\n\nAll users of SquirrelMail are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-17T00:00:00", "type": "nessus", "title": "CentOS 5 : squirrelmail (CESA-2013:0126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2012-2124"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:squirrelmail", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2013-0126.NASL", "href": "https://www.tenable.com/plugins/nessus/63571", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0126 and \n# CentOS Errata and Security Advisory 2013:0126 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63571);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-2124\");\n script_bugtraq_id(57201);\n script_xref(name:\"RHSA\", value:\"2013:0126\");\n\n script_name(english:\"CentOS 5 : squirrelmail (CESA-2013:0126)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squirrelmail package that fixes one security issue and\nseveral bugs is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as 
having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nThe SquirrelMail security update RHSA-2012:0103 did not, unlike the\nerratum text stated, correct the CVE-2010-2813 issue, a flaw in the\nway SquirrelMail handled failed log in attempts. A user preference\nfile was created when attempting to log in with a password containing\nan 8-bit character, even if the username was not valid. A remote\nattacker could use this flaw to eventually consume all hard disk space\non the target SquirrelMail server. (CVE-2012-2124)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, SquirrelMail could not decode multi-line\nsubjects properly. Consequently, the decode header\ninternationalization option did not properly handle new lines or tabs\nat the beginning of the lines. This bug has been fixed and\nSquirrelMail now works correctly in the described scenario.\n(BZ#241861)\n\n* Due to a bug, attachments written in HTML code on the Windows\noperating system were not displayed properly when accessed with\nSquirrelMail; the '!=null' string was trimmed to '!ull'. This bug has\nbeen fixed and the attachments are now displayed correctly in such a\ncase. (BZ#359791)\n\n* Previously, e-mail messages with a Unique Identifier (UID) larger\nthan 2^31 bytes were unreadable when using the squirrelmail package.\nWith this patch the squirrelmail package is able to read all messages\nregardless of the UIDs size. (BZ#450780)\n\n* Due to a bug, a PHP script did not assign the proper character set\nto requested variables. Consequently, SquirrelMail could not display\nany e-mails. The underlying source code has been modified and now the\nsquirrelmail package assigns the correct character set. 
(BZ#475188)\n\n* Due to the incorrect internationalization option located at the\ni18n.php file, the squirrelmail package could not use the GB 2312\ncharacter set. The i18n.php file has been fixed and the GB 2312\ncharacter set works correctly in the described scenario. (BZ#508686)\n\n* Previously, the preg_split() function contained a misspelled\nconstant, PREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to\nproduce error messages. The name of the constant has been corrected to\nPREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error\nmessages in this scenario. (BZ#528758)\n\n* Due to Security-Enhanced Linux (SELinux) settings, sending e-mails\nfrom the SquirrelMail web interface was blocked. This update adds a\nnote to the SquirrelMail documentation that describes how to set the\nSELinux options to allow sending e-mails from the SquirrelMail web\ninterface. (BZ#745380)\n\n* Previously, the squirrelmail package did not comply with the RFC\n2822 specification about line length limits. Consequently, attachments\nwith lines longer than 998 characters could not be forwarded using\nSquirrelMail. This patch modifies the underlying source code and now\nSquirrelMail complies with the RFC 2822 specification as expected.\n(BZ#745469)\n\n* Prior to this update, the squirrelmail package required the\nphp-common script instead of the mod_php script during installation or\nupgrade of the package, which led to a dependency error. As a result,\nattempting to install or upgrade the squirrelmail package failed on\nsystems using the php53 packages. With this update, the dependencies\nof the squirrelmail package were changed and the installation or\nupgrade now works correctly in the described scenario. 
(BZ#789353)\n\nAll users of SquirrelMail are advised to upgrade to this updated\npackage, which contains backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-January/019177.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bd3d003b\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2013-January/000439.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9f35d3e7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-2124\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"squirrelmail-1.4.8-21.el5.centos\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-03-27T18:33:43", "description": "From Red Hat Security Advisory 2013:0126 :\n\nAn updated squirrelmail package that fixes one security issue and several bugs is now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nThe SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum text stated, correct the CVE-2010-2813 issue, a flaw in the way SquirrelMail handled failed log in attempts. A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server. (CVE-2012-2124)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, SquirrelMail could not decode multi-line subjects properly. Consequently, the decode header internationalization option did not properly handle new lines or tabs at the beginning of the lines. This bug has been fixed and SquirrelMail now works correctly in the described scenario.\n(BZ#241861)\n\n* Due to a bug, attachments written in HTML code on the Windows operating system were not displayed properly when accessed with SquirrelMail; the '!=null' string was trimmed to '!ull'. This bug has been fixed and the attachments are now displayed correctly in such a case. 
(BZ#359791)\n\n* Previously, e-mail messages with a Unique Identifier (UID) larger than 2^31 bytes were unreadable when using the squirrelmail package.\nWith this patch the squirrelmail package is able to read all messages regardless of the UID's size. (BZ#450780)\n\n* Due to a bug, a PHP script did not assign the proper character set to requested variables. Consequently, SquirrelMail could not display any e-mails. The underlying source code has been modified and now the squirrelmail package assigns the correct character set. (BZ#475188)\n\n* Due to the incorrect internationalization option located in the i18n.php file, the squirrelmail package could not use the GB 2312 character set. The i18n.php file has been fixed and the GB 2312 character set works correctly in the described scenario. (BZ#508686)\n\n* Previously, the preg_split() function contained a misspelled constant, PREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to produce error messages. The name of the constant has been corrected to PREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error messages in this scenario. (BZ#528758)\n\n* Due to Security-Enhanced Linux (SELinux) settings, sending e-mails from the SquirrelMail web interface was blocked. This update adds a note to the SquirrelMail documentation that describes how to set the SELinux options to allow sending e-mails from the SquirrelMail web interface. (BZ#745380)\n\n* Previously, the squirrelmail package did not comply with the RFC 2822 specification about line length limits. Consequently, attachments with lines longer than 998 characters could not be forwarded using SquirrelMail. This patch modifies the underlying source code and now SquirrelMail complies with the RFC 2822 specification as expected.\n(BZ#745469)\n\n* Prior to this update, the squirrelmail package required the php-common script instead of the mod_php script during installation or upgrade of the package, which led to a dependency error. 
As a result, attempting to install or upgrade the squirrelmail package failed on systems using the php53 packages. With this update, the dependencies of the squirrelmail package were changed and the installation or upgrade now works correctly in the described scenario. (BZ#789353)\n\nAll users of SquirrelMail are advised to upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : squirrelmail (ELSA-2013-0126)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2012-2124"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:squirrelmail", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2013-0126.NASL", "href": "https://www.tenable.com/plugins/nessus/68697", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0126 and \n# Oracle Linux Security Advisory ELSA-2013-0126 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68697);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-2124\");\n script_bugtraq_id(42399);\n script_xref(name:\"RHSA\", value:\"2013:0126\");\n\n script_name(english:\"Oracle Linux 5 : squirrelmail (ELSA-2013-0126)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0126 :\n\nAn updated squirrelmail package that fixes one security issue and\nseveral bugs is now available for Red Hat Enterprise Linux 
5.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nThe SquirrelMail security update RHSA-2012:0103 did not, unlike the\nerratum text stated, correct the CVE-2010-2813 issue, a flaw in the\nway SquirrelMail handled failed log in attempts. A user preference\nfile was created when attempting to log in with a password containing\nan 8-bit character, even if the username was not valid. A remote\nattacker could use this flaw to eventually consume all hard disk space\non the target SquirrelMail server. (CVE-2012-2124)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, SquirrelMail could not decode multi-line\nsubjects properly. Consequently, the decode header\ninternationalization option did not properly handle new lines or tabs\nat the beginning of the lines. This bug has been fixed and\nSquirrelMail now works correctly in the described scenario.\n(BZ#241861)\n\n* Due to a bug, attachments written in HTML code on the Windows\noperating system were not displayed properly when accessed with\nSquirrelMail; the '!=null' string was trimmed to '!ull'. This bug has\nbeen fixed and the attachments are now displayed correctly in such a\ncase. (BZ#359791)\n\n* Previously, e-mail messages with a Unique Identifier (UID) larger\nthan 2^31 bytes were unreadable when using the squirrelmail package.\nWith this patch the squirrelmail package is able to read all messages\nregardless of the UIDs size. (BZ#450780)\n\n* Due to a bug, a PHP script did not assign the proper character set\nto requested variables. Consequently, SquirrelMail could not display\nany e-mails. The underlying source code has been modified and now the\nsquirrelmail package assigns the correct character set. 
(BZ#475188)\n\n* Due to the incorrect internationalization option located at the\ni18n.php file, the squirrelmail package could not use the GB 2312\ncharacter set. The i18n.php file has been fixed and the GB 2312\ncharacter set works correctly in the described scenario. (BZ#508686)\n\n* Previously, the preg_split() function contained a misspelled\nconstant, PREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to\nproduce error messages. The name of the constant has been corrected to\nPREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error\nmessages in this scenario. (BZ#528758)\n\n* Due to Security-Enhanced Linux (SELinux) settings, sending e-mails\nfrom the SquirrelMail web interface was blocked. This update adds a\nnote to the SquirrelMail documentation that describes how to set the\nSELinux options to allow sending e-mails from the SquirrelMail web\ninterface. (BZ#745380)\n\n* Previously, the squirrelmail package did not comply with the RFC\n2822 specification about line length limits. Consequently, attachments\nwith lines longer than 998 characters could not be forwarded using\nSquirrelMail. This patch modifies the underlying source code and now\nSquirrelMail complies with the RFC 2822 specification as expected.\n(BZ#745469)\n\n* Prior to this update, the squirrelmail package required the\nphp-common script instead of the mod_php script during installation or\nupgrade of the package, which led to a dependency error. As a result,\nattempting to install or upgrade the squirrelmail package failed on\nsystems using the php53 packages. With this update, the dependencies\nof the squirrelmail package were changed and the installation or\nupgrade now works correctly in the described scenario. 
(BZ#789353)\n\nAll users of SquirrelMail are advised to upgrade to this updated\npackage, which contains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-January/003206.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/01/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"squirrelmail-1.4.8-21.0.2.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:56:31", "description": "The SquirrelMail security update SLSA-2012:0103 did not, unlike the erratum text stated, correct the 
CVE-2010-2813 issue, a flaw in the way SquirrelMail handled failed login attempts. A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server. (CVE-2012-2124)\n\nThis update also fixes the following bugs :\n\n - Prior to this update, SquirrelMail could not decode multi-line subjects properly. Consequently, the decode header internationalization option did not properly handle new lines or tabs at the beginning of the lines.\n This bug has been fixed and SquirrelMail now works correctly in the described scenario.\n\n - Due to a bug, attachments written in HTML code on the Windows operating system were not displayed properly when accessed with SquirrelMail; the '!=null' string was trimmed to '!ull'. This bug has been fixed and the attachments are now displayed correctly in such a case.\n\n - Previously, e-mail messages with a Unique Identifier (UID) larger than 2^31 bytes were unreadable when using the squirrelmail package. With this patch the squirrelmail package is able to read all messages regardless of the UID's size.\n\n - Due to a bug, a PHP script did not assign the proper character set to requested variables. Consequently, SquirrelMail could not display any e-mails. The underlying source code has been modified and now the squirrelmail package assigns the correct character set.\n\n - Due to the incorrect internationalization option located in the i18n.php file, the squirrelmail package could not use the GB 2312 character set. The i18n.php file has been fixed and the GB 2312 character set works correctly in the described scenario.\n\n - Previously, the preg_split() function contained a misspelled constant, PREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to produce error messages. 
The name of the constant has been corrected to PREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error messages in this scenario.\n\n - Due to Security-Enhanced Linux (SELinux) settings, sending e-mails from the SquirrelMail web interface was blocked. This update adds a note to the SquirrelMail documentation that describes how to set the SELinux options to allow sending e-mails from the SquirrelMail web interface.\n\n - Previously, the squirrelmail package did not comply with the RFC 2822 specification about line length limits.\n Consequently, attachments with lines longer than 998 characters could not be forwarded using SquirrelMail.\n This patch modifies the underlying source code and now SquirrelMail complies with the RFC 2822 specification as expected.\n\n - Prior to this update, the squirrelmail package required the php-common script instead of the mod_php script during installation or upgrade of the package, which led to a dependency error. As a result, attempting to install or upgrade the squirrelmail package failed on systems using the php53 packages. 
With this update, the dependencies of the squirrelmail package were changed and the installation or upgrade now works correctly in the described scenario.", "cvss3": {"score": null, "vector": null}, "published": "2013-01-17T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : squirrelmail on SL5.x (noarch) (20130108)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-2813", "CVE-2012-2124"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:squirrelmail", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20130108_SQUIRRELMAIL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/63604", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63604);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-2813\", \"CVE-2012-2124\");\n\n script_name(english:\"Scientific Linux Security Update : squirrelmail on SL5.x (noarch) (20130108)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SquirrelMail security update SLSA-2012:0103 did not, unlike the\nerratum text stated, correct the CVE-2010-2813 issue, a flaw in the\nway SquirrelMail handled failed log in attempts. A user preference\nfile was created when attempting to log in with a password containing\nan 8-bit character, even if the username was not valid. A remote\nattacker could use this flaw to eventually consume all hard disk space\non the target SquirrelMail server. 
(CVE-2012-2124)\n\nThis update also fixes the following bugs :\n\n - Prior to this update, SquirrelMail could not decode\n multi-line subjects properly. Consequently, the decode\n header internationalization option did not properly\n handle new lines or tabs at the beginning of the lines.\n This bug has been fixed and SquirrelMail now works\n correctly in the described scenario.\n\n - Due to a bug, attachments written in HTML code on the\n Windows operating system were not displayed properly\n when accessed with SquirrelMail; the '!=null' string was\n trimmed to '!ull'. This bug has been fixed and the\n attachments are now displayed correctly in such a case.\n\n - Previously, e-mail messages with a Unique Identifier\n (UID) larger than 2^31 bytes were unreadable when using\n the squirrelmail package. With this patch the\n squirrelmail package is able to read all messages\n regardless of the UIDs size.\n\n - Due to a bug, a PHP script did not assign the proper\n character set to requested variables. Consequently,\n SquirrelMail could not display any e-mails. The\n underlying source code has been modified and now the\n squirrelmail package assigns the correct character set.\n\n - Due to the incorrect internationalization option located\n at the i18n.php file, the squirrelmail package could not\n use the GB 2312 character set. The i18n.php file has\n been fixed and the GB 2312 character set works correctly\n in the described scenario.\n\n - Previously, the preg_split() function contained a\n misspelled constant, PREG_SPLIT_NI_EMPTY, which could\n cause SquirrelMail to produce error messages. The name\n of the constant has been corrected to\n PREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces\n error messages in this scenario.\n\n - Due to Security-Enhanced Linux (SELinux) settings,\n sending e-mails from the SquirrelMail web interface was\n blocked. 
This update adds a note to the SquirrelMail\n documentation that describes how to set the SELinux\n options to allow sending e-mails from the SquirrelMail\n web interface.\n\n - Previously, the squirrelmail package did not comply with\n the RFC 2822 specification about line length limits.\n Consequently, attachments with lines longer than 998\n characters could not be forwarded using SquirrelMail.\n This patch modifies the underlying source code and now\n SquirrelMail complies with the RFC 2822 specification as\n expected.\n\n - Prior to this update, the squirrelmail package required\n the php-common script instead of the mod_php script\n during installation or upgrade of the package, which led\n to a dependency error. As a result, attempting to\n install or upgrade the squirrelmail package failed on\n systems using the php53 packages. With this update, the\n dependencies of the squirrelmail package were changed\n and the installation or upgrade now works correctly in\n the described scenario.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1301&L=scientific-linux-errata&T=0&P=577\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?881ef834\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"squirrelmail-1.4.8-21.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:59:04", "description": "An updated squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA cross-site scripting (XSS) flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially crafted Multipurpose Internet Mail Extensions (MIME) message that, when opened by a victim, would lead to arbitrary web script execution in the context of their SquirrelMail session. 
(CVE-2011-2023)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nA remote attacker could possibly use these flaws to execute arbitrary web script in the context of a victim's SquirrelMail session.\n(CVE-2010-4555)\n\nAn input sanitization flaw was found in the way SquirrelMail handled the content of various HTML input fields. A remote attacker could use this flaw to alter user preference values via a newline character contained in the input for these fields. (CVE-2011-2752)\n\nIt was found that the SquirrelMail Empty Trash and Index Order pages did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user who was logged in to SquirrelMail into visiting a specially crafted URL, the attacker could empty the victim's trash folder or alter the ordering of the columns on the message index page. (CVE-2011-2753)\n\nSquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a remote attacker to perform a clickjacking attack against logged-in users and possibly gain access to sensitive user data. With this update, the SquirrelMail main frame can only be loaded into the topmost browser frame. (CVE-2010-4554)\n\nA flaw was found in the way SquirrelMail handled failed login attempts. A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server.\n(CVE-2010-2813) [Note: the later advisory RHSA-2013:0126 reports that this update did not actually correct this flaw; the remaining issue is tracked as CVE-2012-2124.]\n\nA flaw was found in the SquirrelMail Mail Fetch plug-in. If an administrator enabled this plug-in, a SquirrelMail user could use this flaw to port scan the local network the server was on. 
(CVE-2010-1637)\n\nUsers of SquirrelMail should upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-02-09T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : squirrelmail (CESA-2012:0103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1637", "CVE-2010-2813", "CVE-2010-4554", "CVE-2010-4555", "CVE-2011-2023", "CVE-2011-2752", "CVE-2011-2753"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:squirrelmail", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-0103.NASL", "href": "https://www.tenable.com/plugins/nessus/57864", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0103 and \n# CentOS Errata and Security Advisory 2012:0103 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57864);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\", \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n script_bugtraq_id(40291, 42399, 48648);\n script_xref(name:\"RHSA\", value:\"2012:0103\");\n\n script_name(english:\"CentOS 4 / 5 : squirrelmail (CESA-2012:0103)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squirrelmail package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA cross-site scripting (XSS) flaw was found in the way SquirrelMail\nperformed the sanitization of HTML style tag content. A remote\nattacker could use this flaw to send a specially crafted Multipurpose\nInternet Mail Extensions (MIME) message that, when opened by a victim,\nwould lead to arbitrary web script execution in the context of their\nSquirrelMail session. (CVE-2011-2023)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nA remote attacker could possibly use these flaws to execute arbitrary\nweb script in the context of a victim's SquirrelMail session.\n(CVE-2010-4555)\n\nAn input sanitization flaw was found in the way SquirrelMail handled\nthe content of various HTML input fields. A remote attacker could use\nthis flaw to alter user preference values via a newline character\ncontained in the input for these fields. (CVE-2011-2752)\n\nIt was found that the SquirrelMail Empty Trash and Index Order pages\ndid not protect against Cross-Site Request Forgery (CSRF) attacks. If\na remote attacker could trick a user, who was logged into\nSquirrelMail, into visiting a specially crafted URL, the attacker\ncould empty the victim's trash folder or alter the ordering of the\ncolumns on the message index page. (CVE-2011-2753)\n\nSquirrelMail was allowed to be loaded into an HTML sub-frame, allowing\na remote attacker to perform a clickjacking attack against logged in\nusers and possibly gain access to sensitive user data. With this\nupdate, the SquirrelMail main frame can only be loaded into the top\nmost browser frame. (CVE-2010-4554)\n\nA flaw was found in the way SquirrelMail handled failed log in\nattempts. 
A user preference file was created when attempting to log in\nwith a password containing an 8-bit character, even if the username\nwas not valid. A remote attacker could use this flaw to eventually\nconsume all hard disk space on the target SquirrelMail server.\n(CVE-2010-2813)\n\nA flaw was found in the SquirrelMail Mail Fetch plug-in. If an\nadministrator enabled this plug-in, a SquirrelMail user could use this\nflaw to port scan the local network the server was on. (CVE-2010-1637)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-February/018422.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7450a5dc\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-February/018423.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?585ff16c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-2753\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/08\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"squirrelmail-1.4.8-18.el4.centos\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"squirrelmail-1.4.8-18.el4.centos\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"squirrelmail-1.4.8-5.el5.centos.13\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:57:49", "description": "SquirrelMail is a standards-based webmail package written in PHP.\n\nA cross-site scripting (XSS) flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially crafted Multipurpose Internet Mail Extensions (MIME) message that, when opened by a victim, would lead to arbitrary web script execution in the context of their SquirrelMail session. (CVE-2011-2023)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nA remote attacker could possibly use these flaws to execute arbitrary web script in the context of a victim's SquirrelMail session.\n(CVE-2010-4555)\n\nAn input sanitization flaw was found in the way SquirrelMail handled the content of various HTML input fields. 
A remote attacker could use this flaw to alter user preference values via a newline character contained in the input for these fields. (CVE-2011-2752)\n\nIt was found that the SquirrelMail Empty Trash and Index Order pages did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user, who was logged into SquirrelMail, into visiting a specially crafted URL, the attacker could empty the victim's trash folder or alter the ordering of the columns on the message index page. (CVE-2011-2753)\n\nSquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a remote attacker to perform a clickjacking attack against logged in users and possibly gain access to sensitive user data. With this update, the SquirrelMail main frame can only be loaded into the top most browser frame. (CVE-2010-4554)\n\nA flaw was found in the way SquirrelMail handled failed log in attempts. A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server.\n(CVE-2010-2813)\n\nA flaw was found in the SquirrelMail Mail Fetch plug-in. If an administrator enabled this plug-in, a SquirrelMail user could use this flaw to port scan the local network the server was on. 
(CVE-2010-1637)\n\nUsers of SquirrelMail should upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : squirrelmail on SL4.x, SL5.x (20120208)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1637", "CVE-2010-2813", "CVE-2010-4554", "CVE-2010-4555", "CVE-2011-2023", "CVE-2011-2752", "CVE-2011-2753"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:squirrelmail", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120208_SQUIRRELMAIL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61240", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61240);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\", \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n\n script_name(english:\"Scientific Linux Security Update : squirrelmail on SL4.x, SL5.x (20120208)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"SquirrelMail is a standards-based webmail package written in PHP.\n\nA cross-site scripting (XSS) flaw was found in the way SquirrelMail\nperformed the sanitization of HTML style tag content. 
A remote\nattacker could use this flaw to send a specially crafted Multipurpose\nInternet Mail Extensions (MIME) message that, when opened by a victim,\nwould lead to arbitrary web script execution in the context of their\nSquirrelMail session. (CVE-2011-2023)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nA remote attacker could possibly use these flaws to execute arbitrary\nweb script in the context of a victim's SquirrelMail session.\n(CVE-2010-4555)\n\nAn input sanitization flaw was found in the way SquirrelMail handled\nthe content of various HTML input fields. A remote attacker could use\nthis flaw to alter user preference values via a newline character\ncontained in the input for these fields. (CVE-2011-2752)\n\nIt was found that the SquirrelMail Empty Trash and Index Order pages\ndid not protect against Cross-Site Request Forgery (CSRF) attacks. If\na remote attacker could trick a user, who was logged into\nSquirrelMail, into visiting a specially crafted URL, the attacker\ncould empty the victim's trash folder or alter the ordering of the\ncolumns on the message index page. (CVE-2011-2753)\n\nSquirrelMail was allowed to be loaded into an HTML sub-frame, allowing\na remote attacker to perform a clickjacking attack against logged in\nusers and possibly gain access to sensitive user data. With this\nupdate, the SquirrelMail main frame can only be loaded into the top\nmost browser frame. (CVE-2010-4554)\n\nA flaw was found in the way SquirrelMail handled failed log in\nattempts. A user preference file was created when attempting to log in\nwith a password containing an 8-bit character, even if the username\nwas not valid. A remote attacker could use this flaw to eventually\nconsume all hard disk space on the target SquirrelMail server.\n(CVE-2010-2813)\n\nA flaw was found in the SquirrelMail Mail Fetch plug-in. 
If an\nadministrator enabled this plug-in, a SquirrelMail user could use this\nflaw to port scan the local network the server was on. (CVE-2010-1637)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1202&L=scientific-linux-errata&T=0&P=1503\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4287bf21\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 4.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"squirrelmail-1.4.8-18.el4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:53:33", "description": "From Red Hat Security Advisory 2012:0103 :\n\nAn updated squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having 
moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA cross-site scripting (XSS) flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially crafted Multipurpose Internet Mail Extensions (MIME) message that, when opened by a victim, would lead to arbitrary web script execution in the context of their SquirrelMail session. (CVE-2011-2023)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nA remote attacker could possibly use these flaws to execute arbitrary web script in the context of a victim's SquirrelMail session.\n(CVE-2010-4555)\n\nAn input sanitization flaw was found in the way SquirrelMail handled the content of various HTML input fields. A remote attacker could use this flaw to alter user preference values via a newline character contained in the input for these fields. (CVE-2011-2752)\n\nIt was found that the SquirrelMail Empty Trash and Index Order pages did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user, who was logged into SquirrelMail, into visiting a specially crafted URL, the attacker could empty the victim's trash folder or alter the ordering of the columns on the message index page. (CVE-2011-2753)\n\nSquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a remote attacker to perform a clickjacking attack against logged in users and possibly gain access to sensitive user data. With this update, the SquirrelMail main frame can only be loaded into the top most browser frame. (CVE-2010-4554)\n\nA flaw was found in the way SquirrelMail handled failed log in attempts. 
A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server.\n(CVE-2010-2813)\n\nA flaw was found in the SquirrelMail Mail Fetch plug-in. If an administrator enabled this plug-in, a SquirrelMail user could use this flaw to port scan the local network the server was on. (CVE-2010-1637)\n\nUsers of SquirrelMail should upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 : squirrelmail (ELSA-2012-0103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1637", "CVE-2010-2813", "CVE-2010-4554", "CVE-2010-4555", "CVE-2011-2023", "CVE-2011-2752", "CVE-2011-2753"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:squirrelmail", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-0103.NASL", "href": "https://www.tenable.com/plugins/nessus/68452", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0103 and \n# Oracle Linux Security Advisory ELSA-2012-0103 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68452);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\", \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n script_bugtraq_id(40291, 42399, 48648);\n script_xref(name:\"RHSA\", value:\"2012:0103\");\n\n script_name(english:\"Oracle Linux 4 / 5 : squirrelmail (ELSA-2012-0103)\");\n 
script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0103 :\n\nAn updated squirrelmail package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA cross-site scripting (XSS) flaw was found in the way SquirrelMail\nperformed the sanitization of HTML style tag content. A remote\nattacker could use this flaw to send a specially crafted Multipurpose\nInternet Mail Extensions (MIME) message that, when opened by a victim,\nwould lead to arbitrary web script execution in the context of their\nSquirrelMail session. (CVE-2011-2023)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nA remote attacker could possibly use these flaws to execute arbitrary\nweb script in the context of a victim's SquirrelMail session.\n(CVE-2010-4555)\n\nAn input sanitization flaw was found in the way SquirrelMail handled\nthe content of various HTML input fields. A remote attacker could use\nthis flaw to alter user preference values via a newline character\ncontained in the input for these fields. (CVE-2011-2752)\n\nIt was found that the SquirrelMail Empty Trash and Index Order pages\ndid not protect against Cross-Site Request Forgery (CSRF) attacks. 
If\na remote attacker could trick a user, who was logged into\nSquirrelMail, into visiting a specially crafted URL, the attacker\ncould empty the victim's trash folder or alter the ordering of the\ncolumns on the message index page. (CVE-2011-2753)\n\nSquirrelMail was allowed to be loaded into an HTML sub-frame, allowing\na remote attacker to perform a clickjacking attack against logged in\nusers and possibly gain access to sensitive user data. With this\nupdate, the SquirrelMail main frame can only be loaded into the top\nmost browser frame. (CVE-2010-4554)\n\nA flaw was found in the way SquirrelMail handled failed log in\nattempts. A user preference file was created when attempting to log in\nwith a password containing an 8-bit character, even if the username\nwas not valid. A remote attacker could use this flaw to eventually\nconsume all hard disk space on the target SquirrelMail server.\n(CVE-2010-2813)\n\nA flaw was found in the SquirrelMail Mail Fetch plug-in. If an\nadministrator enabled this plug-in, a SquirrelMail user could use this\nflaw to port scan the local network the server was on. 
(CVE-2010-1637)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-February/002597.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-February/002598.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"squirrelmail-1.4.8-18.0.1.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"squirrelmail-1.4.8-5.0.1.el5_7.13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:59:03", "description": "An 
updated squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA cross-site scripting (XSS) flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially crafted Multipurpose Internet Mail Extensions (MIME) message that, when opened by a victim, would lead to arbitrary web script execution in the context of their SquirrelMail session. (CVE-2011-2023)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nA remote attacker could possibly use these flaws to execute arbitrary web script in the context of a victim's SquirrelMail session.\n(CVE-2010-4555)\n\nAn input sanitization flaw was found in the way SquirrelMail handled the content of various HTML input fields. A remote attacker could use this flaw to alter user preference values via a newline character contained in the input for these fields. (CVE-2011-2752)\n\nIt was found that the SquirrelMail Empty Trash and Index Order pages did not protect against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker could trick a user, who was logged into SquirrelMail, into visiting a specially crafted URL, the attacker could empty the victim's trash folder or alter the ordering of the columns on the message index page. (CVE-2011-2753)\n\nSquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a remote attacker to perform a clickjacking attack against logged in users and possibly gain access to sensitive user data. 
With this update, the SquirrelMail main frame can only be loaded into the top most browser frame. (CVE-2010-4554)\n\nA flaw was found in the way SquirrelMail handled failed log in attempts. A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server.\n(CVE-2010-2813)\n\nA flaw was found in the SquirrelMail Mail Fetch plug-in. If an administrator enabled this plug-in, a SquirrelMail user could use this flaw to port scan the local network the server was on. (CVE-2010-1637)\n\nUsers of SquirrelMail should upgrade to this updated package, which contains backported patches to correct these issues.", "cvss3": {"score": null, "vector": null}, "published": "2012-02-09T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 : squirrelmail (RHSA-2012:0103)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1637", "CVE-2010-2813", "CVE-2010-4554", "CVE-2010-4555", "CVE-2011-2023", "CVE-2011-2752", "CVE-2011-2753"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:squirrelmail", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-0103.NASL", "href": "https://www.tenable.com/plugins/nessus/57870", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0103. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57870);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-1637\", \"CVE-2010-2813\", \"CVE-2010-4554\", \"CVE-2010-4555\", \"CVE-2011-2023\", \"CVE-2011-2752\", \"CVE-2011-2753\");\n script_bugtraq_id(40291, 42399, 48648);\n script_xref(name:\"RHSA\", value:\"2012:0103\");\n\n script_name(english:\"RHEL 4 / 5 : squirrelmail (RHSA-2012:0103)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squirrelmail package that fixes several security issues is\nnow available for Red Hat Enterprise Linux 4 and 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA cross-site scripting (XSS) flaw was found in the way SquirrelMail\nperformed the sanitization of HTML style tag content. A remote\nattacker could use this flaw to send a specially crafted Multipurpose\nInternet Mail Extensions (MIME) message that, when opened by a victim,\nwould lead to arbitrary web script execution in the context of their\nSquirrelMail session. 
(CVE-2011-2023)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail.\nA remote attacker could possibly use these flaws to execute arbitrary\nweb script in the context of a victim's SquirrelMail session.\n(CVE-2010-4555)\n\nAn input sanitization flaw was found in the way SquirrelMail handled\nthe content of various HTML input fields. A remote attacker could use\nthis flaw to alter user preference values via a newline character\ncontained in the input for these fields. (CVE-2011-2752)\n\nIt was found that the SquirrelMail Empty Trash and Index Order pages\ndid not protect against Cross-Site Request Forgery (CSRF) attacks. If\na remote attacker could trick a user, who was logged into\nSquirrelMail, into visiting a specially crafted URL, the attacker\ncould empty the victim's trash folder or alter the ordering of the\ncolumns on the message index page. (CVE-2011-2753)\n\nSquirrelMail was allowed to be loaded into an HTML sub-frame, allowing\na remote attacker to perform a clickjacking attack against logged in\nusers and possibly gain access to sensitive user data. With this\nupdate, the SquirrelMail main frame can only be loaded into the top\nmost browser frame. (CVE-2010-4554)\n\nA flaw was found in the way SquirrelMail handled failed log in\nattempts. A user preference file was created when attempting to log in\nwith a password containing an 8-bit character, even if the username\nwas not valid. A remote attacker could use this flaw to eventually\nconsume all hard disk space on the target SquirrelMail server.\n(CVE-2010-2813)\n\nA flaw was found in the SquirrelMail Mail Fetch plug-in. If an\nadministrator enabled this plug-in, a SquirrelMail user could use this\nflaw to port scan the local network the server was on. 
(CVE-2010-1637)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2010-06-21\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2010-07-23\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2011-07-10\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2011-07-11\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2011-07-12\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0103\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-1637\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-2813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2753\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4554\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-4555\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0103\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"squirrelmail-1.4.8-18.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"squirrelmail-1.4.8-5.el5_7.13\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T15:28:51", "description": "The remote host is running a version of Mac OS X 10.5 that does not have Security Update 2010-004 applied. 
\n\nThis security update contains fixes for the following components :\n\n - CUPS\n - DesktopServices\n - Flash Player plug-in\n - Folder Manager\n - iChat\n - ImageIO\n - Kerberos\n - Kernel\n - libcurl\n - Network Authorization\n - Ruby\n - SMB File Server\n - SquirrelMail\n - Wiki Server", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2010-004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-2964", "CVE-2009-4212", "CVE-2010-0186", "CVE-2010-0187", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-0541", "CVE-2010-0543", "CVE-2010-0545", "CVE-2010-0546", "CVE-2010-0734", "CVE-2010-1374", "CVE-2010-1375", "CVE-2010-1381", "CVE-2010-1382", "CVE-2010-1411", "CVE-2010-1748", "CVE-2010-1816", "CVE-2010-1821"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2010-004.NASL", "href": "https://www.tenable.com/plugins/nessus/47024", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0);\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(47024);\n script_version(\"1.20\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2009-1578\",\n \"CVE-2009-1579\",\n \"CVE-2009-1580\",\n \"CVE-2009-1581\",\n \"CVE-2009-2964\",\n \"CVE-2009-4212\",\n \"CVE-2010-0186\",\n \"CVE-2010-0187\",\n \"CVE-2010-0302\",\n \"CVE-2010-0540\",\n \"CVE-2010-0541\",\n \"CVE-2010-0543\",\n \"CVE-2010-0545\",\n \"CVE-2010-0546\",\n \"CVE-2010-0734\",\n \"CVE-2010-1374\",\n \"CVE-2010-1375\",\n \"CVE-2010-1381\",\n \"CVE-2010-1382\",\n \"CVE-2010-1411\",\n \"CVE-2010-1748\",\n \"CVE-2010-1816\",\n \"CVE-2010-1821\"\n );\n script_bugtraq_id(\n 34916,\n 36196,\n 37749,\n 38198,\n 38200,\n 38510,\n 40887,\n 
40889,\n 40892,\n 40893,\n 40894,\n 40895,\n 40896,\n 40897,\n 40898\n );\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2010-004)\");\n script_summary(english:\"Check for the presence of Security Update 2010-004\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes a security\nissue.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.5 that does not\nhave Security Update 2010-004 applied. \n\nThis security update contains fixes for the following components :\n\n - CUPS\n - DesktopServices\n - Flash Player plug-in\n - Folder Manager\n - iChat\n - ImageIO\n - Kerberos\n - Kernel\n - libcurl\n - Network Authorization\n - Ruby\n - SMB File Server\n - SquirrelMail\n - Wiki Server\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT4188\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2010/Jun/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install Security Update 2010-004 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(79, 94, 189, 287, 352, 399);\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/15\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/MacOSX/packages\", \"Host/uname\");\n\n exit(0);\n}\n\n\nuname = get_kb_item(\"Host/uname\");\nif (!uname) exit(1, \"The 'Host/uname' KB item is missing.\");\n\npat = \"^.+Darwin.* ([0-9]+\\.[0-9.]+).*$\";\nif (!ereg(pattern:pat, string:uname)) exit(1, \"Can't identify the Darwin kernel version from the uname output (\"+uname+\").\");\n\n\ndarwin = ereg_replace(pattern:pat, replace:\"\\1\", string:uname);\nif (ereg(pattern:\"^9\\.[0-8]\\.\", string:darwin))\n{\n packages = get_kb_item(\"Host/MacOSX/packages/boms\");\n if (!packages) exit(1, \"The 'Host/MacOSX/packages/boms' KB item is missing.\");\n\n if (egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.(2010\\.00[4-9]|201[1-9]\\.[0-9]+)(\\.leopard)?\\.bom\", string:packages)) \n exit(0, \"The host has Security Update 2010-004 or later installed and therefore is not affected.\");\n else \n security_hole(0);\n}\nelse exit(0, \"The host is running Darwin kernel version \"+darwin+\" and therefore is not affected.\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:50", "description": "Versions of Mac OS X 10.6 earlier than 10.6.4 are potentially affected by multiple vulnerabilities. 
Mac OS X 10.6.4 contains security fixes for the following products :\n\n - CUPS\n\n - DesktopServices\n\n - Flash Player plug-in\n\n - Folder Manager\n\n - Help Viewer\n\n - iChat\n\n - ImageIO\n\n - Kerberos\n\n - libcurl\n\n - Network Authorization\n\n - Open Directory\n\n - Printer Setup\n\n - Printing\n\n - Ruby\n\n - SMB File Server\n\n - SquirrelMail\n\n - Wiki Server", "cvss3": {"score": null, "vector": null}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "Mac OS X 10.6 < 10.6.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578", "CVE-2009-1579", "CVE-2010-0302", "CVE-2010-0734", "CVE-2010-0186", "CVE-2010-1411", "CVE-2009-4212", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0541", "CVE-2010-0187", "CVE-2009-2964", "CVE-2010-1320", "CVE-2010-0283", "CVE-2010-1374", "CVE-2010-1377", "CVE-2010-1380", "CVE-2010-0543", "CVE-2010-0545", "CVE-2010-0546", "CVE-2010-1373", "CVE-2010-1376", "CVE-2010-1379", "CVE-2010-1381", "CVE-2010-1382"], "modified": "2010-06-15T00:00:00", "cpe": [], "id": "800793.PRM", "href": "https://www.tenable.com/plugins/lce/800793", "sourceData": "Binary data 800793.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:03:51", "description": "Versions of Mac OS X 10.6 earlier than 10.6.4 are potentially affected by multiple vulnerabilities. 
Mac OS X 10.6.4 contains security fixes for the following products :\n\n - CUPS\n\n - DesktopServices\n\n - Flash Player plug-in\n\n - Folder Manager\n\n - Help Viewer\n\n - iChat\n\n - ImageIO\n\n - Kerberos\n\n - libcurl\n\n - Network Authorization\n\n - Open Directory\n\n - Printer Setup\n\n - Printing\n\n - Ruby\n\n - SMB File Server\n\n - SquirrelMail\n\n - Wiki Server", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "Mac OS X 10.6 < 10.6.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1580", "CVE-2009-1581", "CVE-2009-1578", "CVE-2009-1579", "CVE-2010-0302", "CVE-2010-0734", "CVE-2010-0186", "CVE-2010-1411", "CVE-2009-4212", "CVE-2010-0540", "CVE-2010-1748", "CVE-2010-0541", "CVE-2010-0187", "CVE-2009-2964", "CVE-2010-1320", "CVE-2010-0283", "CVE-2010-1374", "CVE-2010-1377", "CVE-2010-1380", "CVE-2010-0543", "CVE-2010-0545", "CVE-2010-0546", "CVE-2010-1373", "CVE-2010-1376", "CVE-2010-1379", "CVE-2010-1381", "CVE-2010-1382"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"], "id": "5571.PRM", "href": "https://www.tenable.com/plugins/nnm/5571", "sourceData": "Binary data 5571.prm", "cvss": {"score": 10, "vector": "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:04:03", "description": "The remote host is running a version of Mac OS X 10.6.x that is prior to 10.6.4.\n\nMac OS X 10.6.4 contains security fixes for the following components :\n\n - CUPS\n - DesktopServices\n - Flash Player plug-in\n - Folder Manager\n - Help Viewer\n - iChat\n - ImageIO\n - Kerberos\n - Kernel\n - libcurl\n - Network Authorization\n - Open Directory\n - Printer Setup\n - Printing\n - Ruby\n - SMB File Server\n - SquirrelMail\n - Wiki Server", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2010-06-15T00:00:00", "type": "nessus", "title": "Mac 
OS X 10.6.x < 10.6.4 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581", "CVE-2009-2964", "CVE-2009-4212", "CVE-2010-0186", "CVE-2010-0187", "CVE-2010-0283", "CVE-2010-0302", "CVE-2010-0540", "CVE-2010-0541", "CVE-2010-0545", "CVE-2010-0546", "CVE-2010-0734", "CVE-2010-1320", "CVE-2010-1373", "CVE-2010-1374", "CVE-2010-1376", "CVE-2010-1377", "CVE-2010-1379", "CVE-2010-1380", "CVE-2010-1381", "CVE-2010-1382", "CVE-2010-1411", "CVE-2010-1748", "CVE-2010-1816", "CVE-2010-1821"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_10_6_4.NASL", "href": "https://www.tenable.com/plugins/nessus/47023", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\nif (!defined_func(\"bn_random\")) exit(0);\nif (NASL_LEVEL < 3000) exit(0);\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(47023);\n script_version(\"1.22\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2009-1578\",\n \"CVE-2009-1579\",\n \"CVE-2009-1580\",\n \"CVE-2009-1581\",\n \"CVE-2009-2964\",\n \"CVE-2009-4212\",\n \"CVE-2010-0186\",\n \"CVE-2010-0187\",\n \"CVE-2010-0283\",\n \"CVE-2010-0302\",\n \"CVE-2010-0540\",\n \"CVE-2010-0541\",\n \"CVE-2010-0545\",\n \"CVE-2010-0546\",\n \"CVE-2010-0734\",\n \"CVE-2010-1320\",\n \"CVE-2010-1373\",\n \"CVE-2010-1374\",\n \"CVE-2010-1376\",\n \"CVE-2010-1377\",\n \"CVE-2010-1379\",\n \"CVE-2010-1380\",\n \"CVE-2010-1381\",\n \"CVE-2010-1382\",\n \"CVE-2010-1411\",\n \"CVE-2010-1748\",\n \"CVE-2010-1816\",\n \"CVE-2010-1821\"\n );\n script_bugtraq_id(\n 34916,\n 36196,\n 37749,\n 38198,\n 38200,\n 38260,\n 38510,\n 39599,\n 40886,\n 40887,\n 40888,\n 40889,\n 40892,\n 40893,\n 40895,\n 40897,\n 40902,\n 40903,\n 40905\n );\n\n script_name(english:\"Mac OS X 10.6.x < 10.6.4 Multiple Vulnerabilities\");\n script_summary(english:\"Check the version of Mac OS X\");\n\n script_set_attribute(\n 
attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes various\nsecurity issues.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is running a version of Mac OS X 10.6.x that is prior\nto 10.6.4.\n\nMac OS X 10.6.4 contains security fixes for the following components :\n\n - CUPS\n - DesktopServices\n - Flash Player plug-in\n - Folder Manager\n - Help Viewer\n - iChat\n - ImageIO\n - Kerberos\n - Kernel\n - libcurl\n - Network Authorization\n - Open Directory\n - Printer Setup\n - Printing\n - Ruby\n - SMB File Server\n - SquirrelMail\n - Wiki Server\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://support.apple.com/kb/HT4188\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://lists.apple.com/archives/security-announce/2010/Jun/msg00001.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade to Mac OS X 10.6.4 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_cwe_id(20, 79, 94, 189, 287, 352, 399);\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/05/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/15\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_end_attributes();\n \n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.\");\n \n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n\n exit(0);\n}\n\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os)\n{\n os = get_kb_item(\"Host/OS\");\n if (isnull(os)) exit(1, \"The 'Host/OS' KB item is missing.\");\n\n c = get_kb_item(\"Host/OS/Confidence\");\n if (c <= 70) exit(1, \"Can't determine the host's OS with sufficient confidence.\");\n}\nif (!os) exit(0, \"The 'Host/MacOSX/Version' KB item is missing.\");\n\n\nif (ereg(pattern:\"Mac OS X 10\\.6($|\\.[0-3]([^0-9]|$))\", string:os)) security_hole(0);\nelse exit(0, \"The host is not affected as it is running \"+os+\".\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-08T14:30:28", "description": "The remote host is running a version of Mac OS X 10.6 that does not have Security Update 2012-001 applied. 
This update contains multiple security-related fixes for the following components :\n\n - Apache\n - ATS\n - ColorSync\n - CoreAudio\n - CoreMedia\n - CoreText\n - curl\n - Data Security\n - dovecot\n - filecmds\n - libresolv\n - libsecurity\n - OpenGL\n - PHP\n - QuickTime\n - SquirrelMail\n - Subversion\n - Tomcat\n - X11", "cvss3": {"score": null, "vector": null}, "published": "2012-02-02T00:00:00", "type": "nessus", "title": "Mac OS X Multiple Vulnerabilities (Security Update 2012-001) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2010-1637", "CVE-2010-2813", "CVE-2010-4554", "CVE-2010-4555", "CVE-2011-0200", "CVE-2011-1148", "CVE-2011-1657", "CVE-2011-1752", "CVE-2011-1783", "CVE-2011-1921", "CVE-2011-1938", "CVE-2011-2023", "CVE-2011-2192", "CVE-2011-2202", "CVE-2011-2204", "CVE-2011-2483", "CVE-2011-2895", "CVE-2011-3182", "CVE-2011-3189", "CVE-2011-3248", "CVE-2011-3249", "CVE-2011-3250", "CVE-2011-3252", "CVE-2011-3267", "CVE-2011-3268", "CVE-2011-3348", "CVE-2011-3389", "CVE-2011-3422", "CVE-2011-3446", "CVE-2011-3448", "CVE-2011-3449", "CVE-2011-3453", "CVE-2011-3457", "CVE-2011-3458", "CVE-2011-3459", "CVE-2011-3460"], "modified": "2018-07-14T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x"], "id": "MACOSX_SECUPD2012-001.NASL", "href": "https://www.tenable.com/plugins/nessus/57798", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(57798);\n script_version(\"1.25\");\n script_cvs_date(\"Date: 2018/07/14 1:59:35\");\n\n script_cve_id(\n \"CVE-2010-1637\",\n \"CVE-2010-2813\",\n \"CVE-2010-4554\",\n \"CVE-2010-4555\",\n \"CVE-2011-0200\",\n \"CVE-2011-1148\",\n \"CVE-2011-1657\",\n \"CVE-2011-1752\",\n \"CVE-2011-1783\",\n \"CVE-2011-1921\",\n \"CVE-2011-1938\",\n \"CVE-2011-2023\",\n \"CVE-2011-2192\",\n \"CVE-2011-2202\",\n \"CVE-2011-2204\",\n \"CVE-2011-2483\",\n \"CVE-2011-2895\",\n \"CVE-2011-3182\",\n \"CVE-2011-3189\",\n \"CVE-2011-3248\",\n 
\"CVE-2011-3249\",\n \"CVE-2011-3250\",\n \"CVE-2011-3252\",\n \"CVE-2011-3267\",\n \"CVE-2011-3268\",\n \"CVE-2011-3348\",\n \"CVE-2011-3389\",\n \"CVE-2011-3422\",\n \"CVE-2011-3446\",\n \"CVE-2011-3448\",\n \"CVE-2011-3449\",\n \"CVE-2011-3453\",\n \"CVE-2011-3457\",\n \"CVE-2011-3458\",\n \"CVE-2011-3459\",\n \"CVE-2011-3460\"\n );\n script_bugtraq_id(\n 40291,\n 42399,\n 46843,\n 47950,\n 48091,\n 48259,\n 48416,\n 48434,\n 48456,\n 48648,\n 49124,\n 49241,\n 49249,\n 49252,\n 49376,\n 49429,\n 49616,\n 49778,\n 50065,\n 50400,\n 50401,\n 50404,\n 51807,\n 51808,\n 51809,\n 51811,\n 51812,\n 51814,\n 51817,\n 51832\n );\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2012-02-03-1\");\n script_xref(name:\"CERT\", value:\"403593\");\n script_xref(name:\"CERT\", value:\"410281\");\n\n script_name(english:\"Mac OS X Multiple Vulnerabilities (Security Update 2012-001) (BEAST)\");\n script_summary(english:\"Check for the presence of Security Update 2012-001.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host is missing a Mac OS X update that fixes multiple\nsecurity vulnerabilities.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host is running a version of Mac OS X 10.6 that does not\nhave Security Update 2012-001 applied. 
This update contains multiple\nsecurity-related fixes for the following components :\n\n - Apache\n - ATS\n - ColorSync\n - CoreAudio\n - CoreMedia\n - CoreText\n - curl\n - Data Security\n - dovecot\n - filecmds\n - libresolv\n - libsecurity\n - OpenGL\n - PHP\n - QuickTime\n - SquirrelMail\n - Subversion\n - Tomcat\n - X11\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-058/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-103/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.zerodayinitiative.com/advisories/ZDI-12-130/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://seclists.org/fulldisclosure/2012/Aug/59\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT5130\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2012/Feb/msg00001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://lists.apple.com/archives/security-announce/2012/Feb/msg00002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\"Install Security Update 2012-001 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/06/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", 
value:\"2012/02/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"Host/MacOSX/packages/boms\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\nif (!ereg(pattern:\"Mac OS X 10\\.6([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.6\");\n\npackages = get_kb_item_or_exit(\"Host/MacOSX/packages/boms\", exit_code:1);\nif (\n egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.(2012\\.00[1-9]|201[3-9]\\.[0-9]+)(\\.snowleopard[0-9.]*)?\\.bom\", string:packages) ||\n egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\\.2012\\.001(\\.snowleopard)?\\.1\\.1\\.bom\", string:packages)\n) exit(0, \"The host has Security Update 2012-001 or later installed and therefore is not affected.\");\nelse\n{\n if (report_verbosity > 0)\n {\n security_boms = egrep(pattern:\"^com\\.apple\\.pkg\\.update\\.security\", string:packages);\n\n report = '\\n Installed security updates : ';\n if (security_boms) report += str_replace(find:'\\n', replace:'\\n ', string:security_boms);\n else report += 'n/a';\n report += '\\n';\n\n security_hole(port:0, extra:report);\n }\n else security_hole(0);\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T12:19:25", "description": 
"functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preferences files.", "cvss3": {}, "published": "2010-08-19T18:00:00", "type": "cve", "title": "CVE-2010-2813", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2813"], "modified": "2017-08-17T01:32:00", "cpe": ["cpe:/a:squirrelmail:squirrelmail:1.4.17", "cpe:/a:squirrelmail:squirrelmail:1.4.10a", "cpe:/a:squirrelmail:squirrelmail:1.4.5", "cpe:/a:squirrelmail:squirrelmail:1.4.13", "cpe:/a:squirrelmail:squirrelmail:1.4.3_r3", "cpe:/a:squirrelmail:squirrelmail:1.4.2-r1", "cpe:/a:squirrelmail:squirrelmail:1.4.6_cvs", "cpe:/a:squirrelmail:squirrelmail:1.4.0_rc2a", "cpe:/a:squirrelmail:squirrelmail:1.4.19", "cpe:/a:squirrelmail:squirrelmail:1.4.1", "cpe:/a:squirrelmail:squirrelmail:1.4.9a", "cpe:/a:squirrelmail:squirrelmail:1.4.8", "cpe:/a:squirrelmail:squirrelmail:1.4.15_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.0-r1", "cpe:/a:squirrelmail:squirrelmail:1.4", "cpe:/a:squirrelmail:squirrelmail:1.4.20", "cpe:/a:squirrelmail:squirrelmail:1.4.5_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.3aa", "cpe:/a:squirrelmail:squirrelmail:1.4_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.4_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.2-r5", "cpe:/a:squirrelmail:squirrelmail:1.4.2", "cpe:/a:squirrelmail:squirrelmail:1.4.4", 
"cpe:/a:squirrelmail:squirrelmail:1.4.2-r4", "cpe:/a:squirrelmail:squirrelmail:1.4.10", "cpe:/a:squirrelmail:squirrelmail:1.4.3a", "cpe:/a:squirrelmail:squirrelmail:1.4.6", "cpe:/a:squirrelmail:squirrelmail:1.4.3_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.3", "cpe:/a:squirrelmail:squirrelmail:1.4.7", "cpe:/a:squirrelmail:squirrelmail:1.4.15", "cpe:/a:squirrelmail:squirrelmail:1.4.2-r3", "cpe:/a:squirrelmail:squirrelmail:1.4.12", "cpe:/a:squirrelmail:squirrelmail:1.4.16", "cpe:/a:squirrelmail:squirrelmail:1.4.2-r2", "cpe:/a:squirrelmail:squirrelmail:1.4.15rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.6_rc1", "cpe:/a:squirrelmail:squirrelmail:1.44", "cpe:/a:squirrelmail:squirrelmail:1.4.0_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.9", "cpe:/a:squirrelmail:squirrelmail:1.4.11", "cpe:/a:squirrelmail:squirrelmail:1.4.18", "cpe:/a:squirrelmail:squirrelmail:1.4.8.4fc6", "cpe:/a:squirrelmail:squirrelmail:1.4.0"], "id": "CVE-2010-2813", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2813", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:r1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0_rc2a:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.44:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3aa:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.16:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.8.4fc6:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.9:*:*:*:*:*:*:*", 
"cpe:2.3:a:squirrelmail:squirrelmail:1.4.18:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.20:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0-r1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.17:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r4:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_cvs:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc2a:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.19:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r2:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.9a:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r5:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.10:*:*:*:*:*:*:*", 
"cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.10a:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:r3:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T21:32:49", "description": "Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to hijack the authentication of unspecified victims via features such as send message and change preferences, related to (1) functions/mailbox_display.php, (2) src/addrbook_search_html.php, (3) src/addressbook.php, (4) src/compose.php, (5) src/folders.php, (6) src/folders_create.php, (7) src/folders_delete.php, (8) src/folders_rename_do.php, (9) src/folders_rename_getname.php, (10) src/folders_subscribe.php, (11) src/move_messages.php, (12) src/options.php, (13) src/options_highlight.php, (14) src/options_identities.php, (15) src/options_order.php, (16) src/search.php, and (17) src/vcard.php.", "cvss3": {}, "published": "2009-08-25T17:30:00", "type": "cve", "title": "CVE-2009-2964", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2964"], "modified": "2017-09-19T01:29:00", "cpe": ["cpe:/a:squirrelmail:squirrelmail:1.4.6_cvs", 
"cpe:/a:squirrelmail:squirrelmail:1.0.5", "cpe:/a:squirrelmail:squirrelmail:0.1.2", "cpe:/a:squirrelmail:squirrelmail:1.4.8.4fc6", "cpe:/a:squirrelmail:squirrelmail:1.4.0_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.10", "cpe:/a:squirrelmail:squirrelmail:1.4.0_rc2a", "cpe:/a:squirrelmail:squirrelmail:1.4.7", "cpe:/a:squirrelmail:squirrelmail:1.2.8", "cpe:/a:squirrelmail:squirrelmail:1.0.3", "cpe:/a:squirrelmail:squirrelmail:1.3.0", "cpe:/a:squirrelmail:squirrelmail:1.3.1", "cpe:/a:squirrelmail:squirrelmail:1.0", "cpe:/a:squirrelmail:squirrelmail:1.4.16", "cpe:/a:squirrelmail:squirrelmail:0.1.1", "cpe:/a:squirrelmail:squirrelmail:1.4.4", "cpe:/a:squirrelmail:squirrelmail:1.2.1", "cpe:/a:squirrelmail:squirrelmail:1.2.11", "cpe:/a:squirrelmail:squirrelmail:1.4.9a", "cpe:/a:squirrelmail:squirrelmail:1.4.6_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4", "cpe:/a:squirrelmail:squirrelmail:1.2.2", "cpe:/a:squirrelmail:squirrelmail:1.4.13", "cpe:/a:squirrelmail:squirrelmail:1.4.3_r3", "cpe:/a:squirrelmail:squirrelmail:1.2", "cpe:/a:squirrelmail:squirrelmail:1.4.19", "cpe:/a:squirrelmail:squirrelmail:1.2.0", "cpe:/a:squirrelmail:squirrelmail:1.1.2", "cpe:/a:squirrelmail:squirrelmail:1.4.10a", "cpe:/a:squirrelmail:squirrelmail:1.4.3a", "cpe:/a:squirrelmail:squirrelmail:1.2.9", "cpe:/a:squirrelmail:squirrelmail:1.4.15_rc1", "cpe:/a:squirrelmail:squirrelmail:1.0.1", "cpe:/a:squirrelmail:squirrelmail:1.4.2", "cpe:/a:squirrelmail:squirrelmail:1.4.5", "cpe:/a:squirrelmail:squirrelmail:1.2.7", "cpe:/a:squirrelmail:squirrelmail:1.4.0", "cpe:/a:squirrelmail:squirrelmail:1.2.3", "cpe:/a:squirrelmail:squirrelmail:1.4.17", "cpe:/a:squirrelmail:squirrelmail:1.4.18", "cpe:/a:squirrelmail:squirrelmail:1.4.6", "cpe:/a:squirrelmail:squirrelmail:1.4.2-r1", "cpe:/a:squirrelmail:squirrelmail:1.2.4", "cpe:/a:squirrelmail:squirrelmail:1.4.2-r3", "cpe:/a:squirrelmail:squirrelmail:1.4.4_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.3aa", "cpe:/a:squirrelmail:squirrelmail:1.1.1", 
"cpe:/a:squirrelmail:squirrelmail:1.0.6", "cpe:/a:squirrelmail:squirrelmail:1.4.3", "cpe:/a:squirrelmail:squirrelmail:1.0pre2", "cpe:/a:squirrelmail:squirrelmail:1.2.5", "cpe:/a:squirrelmail:squirrelmail:1.2.0_rc3", "cpe:/a:squirrelmail:squirrelmail:1.4.8", "cpe:/a:squirrelmail:squirrelmail:1.4.1", "cpe:/a:squirrelmail:squirrelmail:1.4.11", "cpe:/a:squirrelmail:squirrelmail:1.4.15rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.5_rc1", "cpe:/a:squirrelmail:squirrelmail:1.2.6", "cpe:/a:squirrelmail:squirrelmail:1.4_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.0-r1", "cpe:/a:squirrelmail:squirrelmail:1.0.2", "cpe:/a:squirrelmail:squirrelmail:1.4.15", "cpe:/a:squirrelmail:squirrelmail:1.4.9", "cpe:/a:squirrelmail:squirrelmail:1.1.0", "cpe:/a:squirrelmail:squirrelmail:1.4.2-r5", "cpe:/a:squirrelmail:squirrelmail:1.0pre3", "cpe:/a:squirrelmail:squirrelmail:1.1.3", "cpe:/a:squirrelmail:squirrelmail:1.2.10", "cpe:/a:squirrelmail:squirrelmail:1.3.2", "cpe:/a:squirrelmail:squirrelmail:1.4.3_rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.2-r4", "cpe:/a:squirrelmail:squirrelmail:1.4.2-r2", "cpe:/a:squirrelmail:squirrelmail:1.2.6-rc1", "cpe:/a:squirrelmail:squirrelmail:1.4.12", "cpe:/a:squirrelmail:squirrelmail:1.0pre1", "cpe:/a:squirrelmail:squirrelmail:1.0.4"], "id": "CVE-2009-2964", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2964", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:squirrelmail:squirrelmail:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3aa:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.6-rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:r1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc2a:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r4:*:*:*:*:*:*:*", 
"cpe:2.3:a:squirrelmail:squirrelmail:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0_rc2a:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.18:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.0_rc3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.17:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0-r1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.19:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.10a:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:rc3:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_cvs:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:0.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.13:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*", 
"cpe:2.3:a:squirrelmail:squirrelmail:1.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.0:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:rc1:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.0pre2:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.16:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:r3:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.0pre3:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.9a:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.8.4fc6:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.0pre1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2:*:*:*:*:*:*:*", 
"cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r2:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15_rc1:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r5:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:1.0.6:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T12:13:09", "description": "functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise Linux (RHEL) 4 and 5, does not properly handle 8-bit characters in passwords, which allows remote attackers to cause a denial of service (disk consumption) by making many IMAP login attempts with different usernames, leading to the creation of many preference files. 
NOTE: this issue exists because of an incorrect fix for CVE-2010-2813.", "cvss3": {}, "published": "2013-01-18T11:48:00", "type": "cve", "title": "CVE-2012-2124", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2813", "CVE-2012-2124"], "modified": "2013-01-18T11:48:00", "cpe": ["cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "cpe:/a:squirrelmail:squirrelmail:-"], "id": "CVE-2012-2124", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2124", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:4:*:*:*:*:*:*:*", "cpe:2.3:a:squirrelmail:squirrelmail:-:*:*:*:*:*:*:*"]}], "veracode": [{"lastseen": "2022-07-27T10:25:43", "description": "squirrelmail is vulnerable to denial of service (DoS). The vulnerability exists as a flaw was found in the way SquirrelMail handled failed log in attempts. A user preference file was created when attempting to log in with a password containing an 8-bit character, even if the username was not valid. 
A remote attacker could use this flaw to eventually consume all hard disk space on the target SquirrelMail server.\n", "cvss3": {}, "published": "2020-04-10T01:06:28", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2813"], "modified": "2022-04-19T18:25:08", "id": "VERACODE:24825", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-24825/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-07-27T10:13:57", "description": "SquirrelMail is vulnerable to cross-site request forgery (CSRF). Form submissions in SquirrelMail did not implement protection against Cross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a user into visiting a malicious web page, the attacker could hijack that user's authentication, inject malicious content into that user's preferences, or possibly send mail without that user's permission. 
\n", "cvss3": {}, "published": "2020-04-10T00:39:18", "type": "veracode", "title": "Cross-site Request Forgery (CSRF)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2964"], "modified": "2022-04-19T18:26:38", "id": "VERACODE:23891", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-23891/summary", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "jvn": [{"lastseen": "2021-12-28T23:21:19", "description": "SquirrelMail from SquirrelMail Project is an open source webmail (web-based email). \nSquirrelMail contains an issue in processing of sending a message or setting changes, which may result in cross-site request forgery. \n\n\n ## Impact\n\nA remote attacker may send an arbitrary email or change the settings.\n\n ## Solution\n\n**Update the Software** \nUpdate to the latest version of SquirrelMail according to the information provided by the developer. \n \nThe issue was resolved in SquirrelMail 1.4.20. 
\n\n\n ## Products Affected\n\n * SquirrelMail 1.4.19 and earlier\n", "cvss3": {}, "published": "2011-01-07T00:00:00", "type": "jvn", "title": "JVN#30881447: SquirrelMail vulnerable to cross-site request forgery", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2964"], "modified": "2011-01-07T00:00:00", "id": "JVN:30881447", "href": "http://jvn.jp/en/jp/JVN30881447/index.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:49", "description": "[1.4.8-5.0.1.el5_4.10]\n- Remove Redhat splash screen images\n[1.4.8-5.10]\n- fix: CVE-2009-2964 : CSRF issues in all forms - extend to all forms\n[1.4.8-5.9]\n- fix: CVE-2009-2964 : CSRF issues in all forms - add missing parts\n[1.4.8-5.8]\n- fix: CVE-2009-2964 : CSRF issues in all forms ", "cvss3": {}, "published": "2009-10-08T00:00:00", "type": "oraclelinux", "title": "squirrelmail security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2009-10-08T00:00:00", "id": "ELSA-2009-1490", "href": "http://linux.oracle.com/errata/ELSA-2009-1490.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:54", "description": "[1.4.8-21.0.2.el5]\r\n- remove Redhat splash screen images from source\r\n \n[1.4.8-21.0.1.el5]\r\n- remove Redhat splash screen images\r\n- add README instead of README.RedHat\r\n \n[1.4.8-21]\r\n- change charset for zh_CN and zh_TW to utf-8 (#508686)\r\n \n[1.4.8-20]\r\n- fix header 
encoding issue (#241861)\r\n- fix code producing warnings in the log (#475188)\r\n \n[1.4.8-19]\r\n- patch for CVE-2010-2813 modified wrong file (#808598)\r\n- correct requirement is mod_php not php (#789353)\r\n- comply with RFC2822 line length limits (#745469)\r\n- document that SELinux boolean httpd_can_sendmail needs to be\r\n turned on (#745380)\r\n- add support for big UIDs on 32bit machines (#450780)\r\n- do not corrupt html attachments (#359791)", "cvss3": {}, "published": "2013-01-11T00:00:00", "type": "oraclelinux", "title": "squirrelmail security and bug fix update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2012-2124", "CVE-2010-2813"], "modified": "2013-01-11T00:00:00", "id": "ELSA-2013-0126", "href": "http://linux.oracle.com/errata/ELSA-2013-0126.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:05", "description": "[1.4.8-5.0.1.el5_7.13]\n- Remove Redhat splash screen images\n[1.4.8-5.13]\n- fix typo in CVE-2010-4555 patch\n[1.4.8-5.12]\n- patch for CVE-2010-2813 was not complete\n[1.4.8-5.11]\n- fix: CVE-2010-1637 : Port-scans via non-standard POP3 server ports in \n Mail Fetch plugin\n- fix: CVE-2010-2813 : DoS (disk space consumption) by random IMAP login \n attempts with 8-bit characters in the password\n- fix: CVE-2010-4554 : Prone to clickjacking attacks\n- fix: CVE-2010-4555 : Multiple XSS flaws\n[tag handling]\n- fix: CVE-2011-2752 : CRLF injection vulnerability\n- fix: CVE-2011-2753 : CSRF in the empty trash feature and in Index Order page", "cvss3": {}, "published": "2012-02-08T00:00:00", "type": "oraclelinux", "title": "squirrelmail security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2011-2753", "CVE-2010-2813", "CVE-2011-2752", "CVE-2011-2023", "CVE-2010-4554", "CVE-2010-4555", "CVE-2010-1637"], "modified": "2012-02-08T00:00:00", "id": "ELSA-2012-0103", "href": "http://linux.oracle.com/errata/ELSA-2012-0103.html", "cvss": {"score": 6.8, "vector": 
"AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T18:38:50", "description": "CVE(CAN) ID: CVE-2009-2964\r\n\r\nSquirrelMail\u662f\u4e00\u6b3ePHP\u7f16\u5199\u7684WEBMAIL\u7a0b\u5e8f\u3002\r\n\r\nSquirrelMail\u6ca1\u6709\u6b63\u786e\u5730\u8fc7\u6ee4\u7528\u6237\u5411\u591a\u4e2a\u8868\u5355\uff08\u53d1\u9001\u6d88\u606f\u3001\u66f4\u6539\u504f\u597d\u7b49\uff09\u6240\u63d0\u4ea4\u7684\u5185\u5bb9\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u653b\u51fb\u6267\u884c\u5220\u9664\u90ae\u4ef6\u3001\u53d1\u9001\u90ae\u4ef6\u7b49\u64cd\u4f5c\u3002\u4ee5\u4e0b\u662f\u53d7\u5f71\u54cd\u7684\u9875\u9762\uff1a\r\n\r\nfunctions/mailbox_display.php\r\nsrc/addrbook_search_html.php\r\nsrc/addressbook.php\r\nsrc/compose.php\r\nsrc/folders.php\r\nsrc/folders_create.php\r\nsrc/folders_delete.php\r\nsrc/folders_rename_do.php\r\nsrc/folders_rename_getname.php\r\nsrc/folders_subscribe.php\r\nsrc/move_messages.php\r\nsrc/options.php\r\nsrc/options_highlight.php\r\nsrc/options_identities.php\r\nsrc/options_order.php\r\nsrc/search.php\r\nsrc/vcard.php\n\nSquirrelMail <= 1.4.19\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nSquirrelMail\r\n------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=rev&revision=13818", "cvss3": {}, "published": "2009-08-28T00:00:00", "title": "SquirrelMail\u591a\u4e2a\u8868\u5355\u8de8\u7ad9\u8bf7\u6c42\u4f2a\u9020\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-2964"], "modified": "2009-08-28T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12149", "id": "SSV:12149", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": 
[{"lastseen": "2022-02-27T11:59:38", "description": "**CentOS Errata and Security Advisory** CESA-2009:1490\n\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement protection against\nCross-Site Request Forgery (CSRF) attacks. If a remote attacker tricked a\nuser into visiting a malicious web page, the attacker could hijack that\nuser's authentication, inject malicious content into that user's\npreferences, or possibly send mail without that user's permission.\n(CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains a backported patch to correct these issues.\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2009-October/053100.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-October/053101.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-October/053104.html\nhttps://lists.centos.org/pipermail/centos-announce/2009-October/053105.html\n\n**Affected packages:**\nsquirrelmail\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2009:1490", "cvss3": {}, "published": "2009-10-08T20:55:32", "type": "centos", "title": "squirrelmail security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2964"], "modified": "2009-10-09T15:11:33", "id": "CESA-2009:1490", "href": "https://lists.centos.org/pipermail/centos-announce/2009-October/053100.html", "cvss": {"score": 6.8, "vector": 
"AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-27T11:55:08", "description": "**CentOS Errata and Security Advisory** CESA-2013:0126\n\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nThe SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum\ntext stated, correct the CVE-2010-2813 issue, a flaw in the way\nSquirrelMail handled failed log in attempts. A user preference file was\ncreated when attempting to log in with a password containing an 8-bit\ncharacter, even if the username was not valid. A remote attacker could use\nthis flaw to eventually consume all hard disk space on the target\nSquirrelMail server. (CVE-2012-2124)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, SquirrelMail could not decode multi-line subjects\nproperly. Consequently, the decode header internationalization option did\nnot properly handle new lines or tabs at the beginning of the lines. This\nbug has been fixed and SquirrelMail now works correctly in the described\nscenario. (BZ#241861)\n\n* Due to a bug, attachments written in HTML code on the Windows operating\nsystem were not displayed properly when accessed with SquirrelMail; the\n\"!=null\" string was trimmed to \"!ull\". This bug has been fixed and the\nattachments are now displayed correctly in such a case. (BZ#359791)\n\n* Previously, e-mail messages with a Unique Identifier (UID) larger than\n2^31 bytes were unreadable when using the squirrelmail package. With this\npatch the squirrelmail package is able to read all messages regardless of\nthe UIDs size. (BZ#450780)\n\n* Due to a bug, a PHP script did not assign the proper character set to\nrequested variables. Consequently, SquirrelMail could not display any\ne-mails. The underlying source code has been modified and now the\nsquirrelmail package assigns the correct character set. 
(BZ#475188)\n\n* Due to the incorrect internationalization option located at the i18n.php\nfile, the squirrelmail package could not use the GB 2312 character set. The\ni18n.php file has been fixed and the GB 2312 character set works correctly\nin the described scenario. (BZ#508686)\n\n* Previously, the preg_split() function contained a misspelled constant,\nPREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to produce error\nmessages. The name of the constant has been corrected to\nPREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error messages in\nthis scenario. (BZ#528758)\n\n* Due to Security-Enhanced Linux (SELinux) settings, sending e-mails from\nthe SquirrelMail web interface was blocked. This update adds a note to the\nSquirrelMail documentation that describes how to set the SELinux options to\nallow sending e-mails from the SquirrelMail web interface. (BZ#745380)\n\n* Previously, the squirrelmail package did not comply with the RFC 2822\nspecification about line length limits. Consequently, attachments with\nlines longer than 998 characters could not be forwarded using SquirrelMail.\nThis patch modifies the underlying source code and now SquirrelMail\ncomplies with the RFC 2822 specification as expected. (BZ#745469)\n\n* Prior to this update, the squirrelmail package required the php-common\nscript instead of the mod_php script during installation or upgrade of the\npackage, which led to a dependency error. As a result, attempting to\ninstall or upgrade the squirrelmail package failed on systems using the\nphp53 packages. With this update, the dependencies of the squirrelmail\npackage were changed and the installation or upgrade now works correctly in\nthe described scenario. 
(BZ#789353)\n\nAll users of SquirrelMail are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2013-January/056096.html\nhttps://lists.centos.org/pipermail/centos-cr-announce/2013-January/013329.html\n\n**Affected packages:**\nsquirrelmail\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2013:0126", "cvss3": {}, "published": "2013-01-09T20:54:52", "type": "centos", "title": "squirrelmail security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2813", "CVE-2012-2124"], "modified": "2013-01-11T13:19:06", "id": "CESA-2013:0126", "href": "https://lists.centos.org/pipermail/centos-announce/2013-January/056096.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-27T11:55:50", "description": "**CentOS Errata and Security Advisory** CESA-2012:0103\n\n\nSquirrelMail is a standards-based webmail package written in PHP.\n\nA cross-site scripting (XSS) flaw was found in the way SquirrelMail\nperformed the sanitization of HTML style tag content. A remote attacker\ncould use this flaw to send a specially-crafted Multipurpose Internet Mail\nExtensions (MIME) message that, when opened by a victim, would lead to\narbitrary web script execution in the context of their SquirrelMail\nsession. (CVE-2011-2023)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail. 
A\nremote attacker could possibly use these flaws to execute arbitrary web\nscript in the context of a victim's SquirrelMail session. (CVE-2010-4555)\n\nAn input sanitization flaw was found in the way SquirrelMail handled the\ncontent of various HTML input fields. A remote attacker could use this\nflaw to alter user preference values via a newline character contained in\nthe input for these fields. (CVE-2011-2752)\n\nIt was found that the SquirrelMail Empty Trash and Index Order pages did\nnot protect against Cross-Site Request Forgery (CSRF) attacks. If a remote\nattacker could trick a user, who was logged into SquirrelMail, into\nvisiting a specially-crafted URL, the attacker could empty the victim's\ntrash folder or alter the ordering of the columns on the message index\npage. (CVE-2011-2753)\n\nSquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a\nremote attacker to perform a clickjacking attack against logged in users\nand possibly gain access to sensitive user data. With this update, the\nSquirrelMail main frame can only be loaded into the top most browser frame.\n(CVE-2010-4554)\n\nA flaw was found in the way SquirrelMail handled failed log in attempts. A\nuser preference file was created when attempting to log in with a password\ncontaining an 8-bit character, even if the username was not valid. A\nremote attacker could use this flaw to eventually consume all hard disk\nspace on the target SquirrelMail server. (CVE-2010-2813)\n\nA flaw was found in the SquirrelMail Mail Fetch plug-in. If an\nadministrator enabled this plug-in, a SquirrelMail user could use this flaw\nto port scan the local network the server was on. 
(CVE-2010-1637)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2012-February/055341.html\nhttps://lists.centos.org/pipermail/centos-announce/2012-February/055342.html\n\n**Affected packages:**\nsquirrelmail\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2012:0103", "cvss3": {}, "published": "2012-02-08T20:29:14", "type": "centos", "title": "squirrelmail security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1637", "CVE-2010-2813", "CVE-2010-4554", "CVE-2010-4555", "CVE-2011-2023", "CVE-2011-2752", "CVE-2011-2753"], "modified": "2012-02-08T20:33:10", "id": "CESA-2012:0103", "href": "https://lists.centos.org/pipermail/centos-announce/2012-February/055341.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-10-21T04:42:55", "description": "SquirrelMail is a standards-based webmail package written in PHP.\n\nForm submissions in SquirrelMail did not implement protection against\nCross-Site Request Forgery (CSRF) attacks. 
If a remote attacker tricked a\nuser into visiting a malicious web page, the attacker could hijack that\nuser's authentication, inject malicious content into that user's\npreferences, or possibly send mail without that user's permission.\n(CVE-2009-2964)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains a backported patch to correct these issues.", "cvss3": {}, "published": "2009-10-08T00:00:00", "type": "redhat", "title": "(RHSA-2009:1490) Moderate: squirrelmail security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2964"], "modified": "2018-05-26T00:26:17", "id": "RHSA-2009:1490", "href": "https://access.redhat.com/errata/RHSA-2009:1490", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T04:46:42", "description": "SquirrelMail is a standards-based webmail package written in PHP.\n\nThe SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum\ntext stated, correct the CVE-2010-2813 issue, a flaw in the way\nSquirrelMail handled failed log in attempts. A user preference file was\ncreated when attempting to log in with a password containing an 8-bit\ncharacter, even if the username was not valid. A remote attacker could use\nthis flaw to eventually consume all hard disk space on the target\nSquirrelMail server. (CVE-2012-2124)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, SquirrelMail could not decode multi-line subjects\nproperly. 
Consequently, the decode header internationalization option did\nnot properly handle new lines or tabs at the beginning of the lines. This\nbug has been fixed and SquirrelMail now works correctly in the described\nscenario. (BZ#241861)\n\n* Due to a bug, attachments written in HTML code on the Windows operating\nsystem were not displayed properly when accessed with SquirrelMail; the\n\"!=null\" string was trimmed to \"!ull\". This bug has been fixed and the\nattachments are now displayed correctly in such a case. (BZ#359791)\n\n* Previously, e-mail messages with a Unique Identifier (UID) larger than\n2^31 bytes were unreadable when using the squirrelmail package. With this\npatch the squirrelmail package is able to read all messages regardless of\nthe UIDs size. (BZ#450780)\n\n* Due to a bug, a PHP script did not assign the proper character set to\nrequested variables. Consequently, SquirrelMail could not display any\ne-mails. The underlying source code has been modified and now the\nsquirrelmail package assigns the correct character set. (BZ#475188)\n\n* Due to the incorrect internationalization option located at the i18n.php\nfile, the squirrelmail package could not use the GB 2312 character set. The\ni18n.php file has been fixed and the GB 2312 character set works correctly\nin the described scenario. (BZ#508686)\n\n* Previously, the preg_split() function contained a misspelled constant,\nPREG_SPLIT_NI_EMPTY, which could cause SquirrelMail to produce error\nmessages. The name of the constant has been corrected to\nPREG_SPLIT_NO_EMPTY, and SquirrelMail no longer produces error messages in\nthis scenario. (BZ#528758)\n\n* Due to Security-Enhanced Linux (SELinux) settings, sending e-mails from\nthe SquirrelMail web interface was blocked. This update adds a note to the\nSquirrelMail documentation that describes how to set the SELinux options to\nallow sending e-mails from the SquirrelMail web interface. 
(BZ#745380)\n\n* Previously, the squirrelmail package did not comply with the RFC 2822\nspecification about line length limits. Consequently, attachments with\nlines longer than 998 characters could not be forwarded using SquirrelMail.\nThis patch modifies the underlying source code and now SquirrelMail\ncomplies with the RFC 2822 specification as expected. (BZ#745469)\n\n* Prior to this update, the squirrelmail package required the php-common\nscript instead of the mod_php script during installation or upgrade of the\npackage, which led to a dependency error. As a result, attempting to\ninstall or upgrade the squirrelmail package failed on systems using the\nphp53 packages. With this update, the dependencies of the squirrelmail\npackage were changed and the installation or upgrade now works correctly in\nthe described scenario. (BZ#789353)\n\nAll users of SquirrelMail are advised to upgrade to this updated package,\nwhich contains backported patches to correct these issues.\n", "cvss3": {}, "published": "2013-01-08T00:00:00", "type": "redhat", "title": "(RHSA-2013:0126) Low: squirrelmail security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2813", "CVE-2012-2124"], "modified": "2017-09-08T08:09:30", "id": "RHSA-2013:0126", "href": "https://access.redhat.com/errata/RHSA-2013:0126", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-21T04:46:58", "description": "SquirrelMail is a standards-based webmail package written in PHP.\n\nA cross-site 
scripting (XSS) flaw was found in the way SquirrelMail\nperformed the sanitization of HTML style tag content. A remote attacker\ncould use this flaw to send a specially-crafted Multipurpose Internet Mail\nExtensions (MIME) message that, when opened by a victim, would lead to\narbitrary web script execution in the context of their SquirrelMail\nsession. (CVE-2011-2023)\n\nMultiple cross-site scripting (XSS) flaws were found in SquirrelMail. A\nremote attacker could possibly use these flaws to execute arbitrary web\nscript in the context of a victim's SquirrelMail session. (CVE-2010-4555)\n\nAn input sanitization flaw was found in the way SquirrelMail handled the\ncontent of various HTML input fields. A remote attacker could use this\nflaw to alter user preference values via a newline character contained in\nthe input for these fields. (CVE-2011-2752)\n\nIt was found that the SquirrelMail Empty Trash and Index Order pages did\nnot protect against Cross-Site Request Forgery (CSRF) attacks. If a remote\nattacker could trick a user, who was logged into SquirrelMail, into\nvisiting a specially-crafted URL, the attacker could empty the victim's\ntrash folder or alter the ordering of the columns on the message index\npage. (CVE-2011-2753)\n\nSquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a\nremote attacker to perform a clickjacking attack against logged in users\nand possibly gain access to sensitive user data. With this update, the\nSquirrelMail main frame can only be loaded into the top most browser frame.\n(CVE-2010-4554)\n\nA flaw was found in the way SquirrelMail handled failed log in attempts. A\nuser preference file was created when attempting to log in with a password\ncontaining an 8-bit character, even if the username was not valid. A\nremote attacker could use this flaw to eventually consume all hard disk\nspace on the target SquirrelMail server. (CVE-2010-2813)\n\nA flaw was found in the SquirrelMail Mail Fetch plug-in. 
If an\nadministrator enabled this plug-in, a SquirrelMail user could use this flaw\nto port scan the local network the server was on. (CVE-2010-1637)\n\nUsers of SquirrelMail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\n", "cvss3": {}, "published": "2012-02-08T00:00:00", "type": "redhat", "title": "(RHSA-2012:0103) Moderate: squirrelmail security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1637", "CVE-2010-2813", "CVE-2010-4554", "CVE-2010-4555", "CVE-2011-2023", "CVE-2011-2752", "CVE-2011-2753"], "modified": "2017-09-08T08:17:14", "id": "RHSA-2012:0103", "href": "https://access.redhat.com/errata/RHSA-2012:0103", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:39:00", "description": "Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail\n1.4.19 and earlier, and NaSMail before 1.7, allow remote attackers to\nhijack the authentication of unspecified victims via features such as send\nmessage and change preferences, related to (1)\nfunctions/mailbox_display.php, (2) src/addrbook_search_html.php, (3)\nsrc/addressbook.php, (4) src/compose.php, (5) src/folders.php, (6)\nsrc/folders_create.php, (7) src/folders_delete.php, (8)\nsrc/folders_rename_do.php, (9) src/folders_rename_getname.php, (10)\nsrc/folders_subscribe.php, (11) src/move_messages.php, (12)\nsrc/options.php, (13) src/options_highlight.php, (14)\nsrc/options_identities.php, (15) 
src/options_order.php, (16)\nsrc/search.php, and (17) src/vcard.php.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/squirrelmail/+bug/446838>\n", "cvss3": {}, "published": "2009-08-25T00:00:00", "type": "ubuntucve", "title": "CVE-2009-2964", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-2964"], "modified": "2009-08-25T00:00:00", "id": "UB:CVE-2009-2964", "href": "https://ubuntu.com/security/CVE-2009-2964", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:26:49", "description": "functions/imap_general.php in SquirrelMail, as used in Red Hat Enterprise\nLinux (RHEL) 4 and 5, does not properly handle 8-bit characters in\npasswords, which allows remote attackers to cause a denial of service (disk\nconsumption) by making many IMAP login attempts with different usernames,\nleading to the creation of many preference files. 
NOTE: this issue exists\nbecause of an incorrect fix for CVE-2010-2813.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | Red Hat specific - ignoring.\n", "cvss3": {}, "published": "2013-01-18T00:00:00", "type": "ubuntucve", "title": "CVE-2012-2124", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2813", "CVE-2012-2124"], "modified": "2013-01-18T00:00:00", "id": "UB:CVE-2012-2124", "href": "https://ubuntu.com/security/CVE-2012-2124", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:36:18", "description": "functions/imap_general.php in SquirrelMail before 1.4.21 does not properly\nhandle 8-bit characters in passwords, which allows remote attackers to\ncause a denial of service (disk consumption) by making many IMAP login\nattempts with different usernames, leading to the creation of many\npreferences files.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=618096>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | Note that Red Hat Security Advisory RHSA-2012:0103 was incomplete (see CVE-2012-2124)\n", "cvss3": {}, "published": "2010-08-19T00:00:00", "type": "ubuntucve", "title": "CVE-2010-2813", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact":
"PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-2813", "CVE-2012-2124"], "modified": "2010-08-19T00:00:00", "id": "UB:CVE-2010-2813", "href": "https://ubuntu.com/security/CVE-2010-2813", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "description": "SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. ", "cvss3": {}, "published": "2010-08-12T04:11:47", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: squirrelmail-1.4.21-1.fc13", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1637", "CVE-2010-2813"], "modified": "2010-08-12T04:11:47", "id": "FEDORA:D55C11113FA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KP4BGBD6BJQC32GBLWVFCH3MIGDVILSC/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "description": "SquirrelMail is a basic webmail package written in PHP4. 
It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no JavaScript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. ", "cvss3": {}, "published": "2010-08-12T04:08:08", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: squirrelmail-1.4.21-1.fc12", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1637", "CVE-2010-2813"], "modified": "2010-08-12T04:08:08", "id": "FEDORA:1D01A11130D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MFYDOSVXYBWHPQM4YMY43TWBYPM3QXQJ/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}]}