ID FEDORA_2008-8559.NASL Type nessus Reporter This script is Copyright (C) 2008-2021 Tenable Network Security, Inc. Modified 2008-10-24T00:00:00
Description
rebase to 1.4.16
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2008-8559.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
# Registration phase: when Nessus loads the plugin with `description` set, only
# metadata is recorded and the script exits before any host interaction.
if (description)
{
script_id(34479);
script_version("1.14");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
# CVE-2008-3663: SquirrelMail 1.4.15 does not set the Secure attribute on its
# session cookie in an HTTPS session, so the browser will also send it over
# plain HTTP to the same host; an on-path attacker who triggers one such
# request can capture the cookie and hijack the webmail session.
script_cve_id("CVE-2008-3663");
script_xref(name:"FEDORA", value:"2008-8559");
script_name(english:"Fedora 9 : squirrelmail-1.4.16-1.fc9 (2008-8559)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
# The Fedora advisory body is literally "rebase to 1.4.16"; the security
# content of this update is the CVE registered above, not the changelog text.
script_set_attribute(
attribute:"description",
value:
"rebase to 1.4.16
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=464183"
);
# The nessus.org short link below resolves to this package-announce post.
# https://lists.fedoraproject.org/pipermail/package-announce/2008-October/015601.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?cd558b4e"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected squirrelmail package."
);
# CVSSv2 5.0: network-reachable, low complexity, no authentication, partial
# confidentiality impact only (cookie disclosure) -- reported as a "warning".
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
# CWE-310 (Cryptographic Issues) is the weakness NVD assigns to this CVE.
# NOTE(review): the actual defect is a missing Secure cookie attribute, i.e. a
# transport/cookie-handling weakness rather than a crypto flaw; kept as-is to
# stay consistent with the NVD record.
script_cwe_id(310);
# "local" plugin: the result is derived from the rpm database collected over
# SSH, not from probing the web application. A version match therefore flags
# any older build regardless of whether SquirrelMail is actually served over
# HTTPS; the related remote plugin listed in this page's metadata
# (squirrelmail_insecure_https_cookie.nasl) appears to test the cookie itself.
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:squirrelmail");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:9");
script_set_attribute(attribute:"patch_publication_date", value:"2008/10/23");
script_set_attribute(attribute:"plugin_publication_date", value:"2008/10/24");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.");
script_family(english:"Fedora Local Security Checks");
# Requires the SSH info-gathering plugin to have populated the KB keys below
# (local checks enabled, release string, rpm list); otherwise this plugin
# is never scheduled.
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
# Check phase.  Every audit() call below terminates the plugin with the given
# status, so the order of the guards decides which explanation a scan report
# shows when the check is skipped -- do not reorder them.
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);

release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");

# Extract the major version from the release string (e.g. "Fedora release 9 ...").
ver_match = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(ver_match)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
fedora_major = ver_match[1];

# FEDORA-2008-8559 is a Fedora 9 update only; any other release is out of scope.
if (!ereg(pattern:"^9([^0-9]|$)", string:fedora_major)) audit(AUDIT_OS_NOT, "Fedora 9.x", "Fedora " + fedora_major);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

# Package checks are only implemented for x86 and x86_64 Fedora hosts.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);

# rpm_check() is true when an installed squirrelmail is older than the fixed
# build.  This is a pure version comparison: it does not verify that the
# session cookie actually lacks the Secure attribute on this host.
vulnerable = rpm_check(release:"FC9", reference:"squirrelmail-1.4.16-1.fc9");

if (!vulnerable)
{
  # Either the package is present at a fixed version, or not installed at all.
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "squirrelmail");
}

# Medium-severity finding (matches the CVSS 5.0 base score); include the
# rpm comparison details when the scan is configured for verbose reports.
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
{"id": "FEDORA_2008-8559.NASL", "bulletinFamily": "scanner", "title": "Fedora 9 : squirrelmail-1.4.16-1.fc9 (2008-8559)", "description": "rebase to 1.4.16\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2008-10-24T00:00:00", "modified": "2008-10-24T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/34479", "reporter": "This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.", "references": ["http://www.nessus.org/u?cd558b4e", "https://bugzilla.redhat.com/show_bug.cgi?id=464183"], "cvelist": ["CVE-2008-3663"], "type": "nessus", "lastseen": "2021-01-12T10:06:42", "edition": 23, "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-3663"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:9305", "SECURITYVULNS:DOC:20562"]}, {"type": "openvas", "idList": ["OPENVAS:880721", "OPENVAS:136141256231063177", "OPENVAS:860550", "OPENVAS:880932", "OPENVAS:63445", "OPENVAS:61655", "OPENVAS:860251", "OPENVAS:63134", "OPENVAS:1361412562310880721", "OPENVAS:136141256231063445"]}, {"type": "fedora", "idList": ["FEDORA:9407B10F8B4", "FEDORA:941A010F80E", "FEDORA:45570208974", "FEDORA:733C1208CC7", "FEDORA:8386D208203", "FEDORA:53F022086F7"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2009-0010.NASL", "SUSE_SQUIRRELMAIL-5792.NASL", "SUSE_SQUIRRELMAIL-5778.NASL", "SQUIRRELMAIL_INSECURE_HTTPS_COOKIE.NASL", "SUSE_SQUIRRELMAIL-5978.NASL", "REDHAT-RHSA-2009-0010.NASL", "FREEBSD_PKG_A0AFB4B989A111DDA65B00163E000016.NASL", "CENTOS_RHSA-2009-0010.NASL", "SL_20090112_SQUIRRELMAIL_ON_SL3_X.NASL", "FEDORA_2008-9071.NASL"]}, {"type": "freebsd", "idList": ["A0AFB4B9-89A1-11DD-A65B-00163E000016"]}, {"type": "seebug", "idList": ["SSV:4796", 
"SSV:4093"]}, {"type": "centos", "idList": ["CESA-2009:0010"]}, {"type": "redhat", "idList": ["RHSA-2009:0010"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0010", "ELSA-2009-0057"]}], "modified": "2021-01-12T10:06:42", "rev": 2}, "score": {"value": 5.5, "vector": "NONE", "modified": "2021-01-12T10:06:42", "rev": 2}, "vulnersScore": 5.5}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-8559.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34479);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-3663\");\n script_xref(name:\"FEDORA\", value:\"2008-8559\");\n\n script_name(english:\"Fedora 9 : squirrelmail-1.4.16-1.fc9 (2008-8559)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"rebase to 1.4.16\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=464183\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-October/015601.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd558b4e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"squirrelmail-1.4.16-1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "34479", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:9"], "scheme": null}
{"cve": [{"lastseen": "2021-02-02T05:35:15", "description": "Squirrelmail 1.4.15 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers to capture this cookie.", "edition": 4, "cvss3": {}, "published": "2008-09-24T14:56:00", "title": "CVE-2008-3663", "type": "cve", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-3663"], "modified": "2018-10-11T20:49:00", "cpe": ["cpe:/a:squirrelmail:squirrelmail:1.4.15"], "id": "CVE-2008-3663", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3663", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:10:27", "bulletinFamily": "software", "cvelist": ["CVE-2008-3663"], "description": "Squirrelmail: Session hijacking vulnerability, CVE-2008-3663\r\n\r\nReferences\r\n\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3663\r\nhttp://int21.de/cve/CVE-2008-3663-squirrelmail.html\r\nhttp://enablesecurity.com/2008/08/11/surf-jack-https-will-not-save-you/\r\nhttps://www.defcon.org/html/defcon-16/dc-16-speakers.html#Perry\r\n\r\nDescription\r\n\r\nWhen configuring a web application to use only ssl (e. g. 
by forwarding all \r\nhttp-requests to https), a user would expect that sniffing and hijacking the \r\nsession is impossible.\r\n\r\nThough, for this to be secure, one needs to set the session cookie to have the \r\nsecure flag. Else the cookie will be transferred through http if the victim's \r\nbrowser does a single http-request on the same domain.\r\n\r\nSquirrelmail does not set that flag. It is fixed in the 1.5 test versions, but \r\ncurrent 1.4.15 is vulnerable.\r\n\r\nDisclosure Timeline\r\n\r\n2008-08-12: Vendor contacted\r\n2008-09-23 Published advisory\r\n\r\nCredits and copyright\r\n\r\nThis vulnerability was discovered by Hanno Boeck of schokokeks.org webhosting. \r\nIt's licensed under the creative commons attribution license.\r\n\r\nHanno Boeck, http://www.hboeck.de\r\n-- \r\nHanno Bock Blog: http://www.hboeck.de/\r\nGPG: 3DBD3B20 Jabber/Mail: hanno@hboeck.de", "edition": 1, "modified": "2008-09-24T00:00:00", "published": "2008-09-24T00:00:00", "id": "SECURITYVULNS:DOC:20562", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:20562", "title": "Squirrelmail: Session hijacking vulnerability, CVE-2008-3663", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:30", "bulletinFamily": "software", "cvelist": ["CVE-2008-3197", "CVE-2008-3661", "CVE-2008-3332", "CVE-2008-3663", "CVE-2008-4688", "CVE-2008-3098", "CVE-2008-3331", "CVE-2008-3102", "CVE-2008-4687", "CVE-2008-2276", "CVE-2008-4689", "CVE-2008-3333", "CVE-2008-3457", "CVE-2008-4096", "CVE-2008-3714", "CVE-2008-3456"], "description": "PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.", "edition": 1, "modified": "2008-09-24T00:00:00", "published": "2008-09-24T00:00:00", "id": "SECURITYVULNS:VULN:9305", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9305", "title": "Daily web applications security vulnerabilities summary (PHP, ASP, JSP, 
CGI, Perl)", "type": "securityvulns", "cvss": {"score": 9.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-04-06T11:39:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663"], "description": "The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:053.", "modified": "2018-04-06T00:00:00", "published": "2009-03-02T00:00:00", "id": "OPENVAS:136141256231063445", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063445", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:053 (squirrelmail)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_053.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:053 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been identified and corrected in squirrelmail:\n\nSquirrelmail 1.4.15 does not set the secure flag for the session\ncookie in an https session, which can cause the cookie to be sent in\nhttp requests and make it easier for remote attackers to capture this\ncookie (CVE-2008-3663).\n\nAdditionally many of the bundled plugins has been upgraded. The\nlocalization has also been upgraded. Basically this is a synchronization\nwith the latest squirrelmail package found in Mandriva Cooker. The\nrpm changelog will reveal all the changes (rpm -q --changelog\nsquirrelmail).\n\nThe updated packages have been upgraded to the latest version of\nsquirrelmail to prevent this.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. 
The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:053\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:053.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63445\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-02 19:11:09 +0100 (Mon, 02 Mar 2009)\");\n script_cve_id(\"CVE-2008-3663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:053 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ar\", rpm:\"squirrelmail-ar~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bg\", rpm:\"squirrelmail-bg~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"squirrelmail-bn\", rpm:\"squirrelmail-bn~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ca\", rpm:\"squirrelmail-ca~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cs\", rpm:\"squirrelmail-cs~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cy\", rpm:\"squirrelmail-cy~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cyrus\", rpm:\"squirrelmail-cyrus~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-da\", rpm:\"squirrelmail-da~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-de\", rpm:\"squirrelmail-de~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-el\", rpm:\"squirrelmail-el~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-en\", rpm:\"squirrelmail-en~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-es\", rpm:\"squirrelmail-es~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-et\", rpm:\"squirrelmail-et~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-eu\", rpm:\"squirrelmail-eu~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fa\", rpm:\"squirrelmail-fa~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fi\", rpm:\"squirrelmail-fi~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report 
+= res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fo\", rpm:\"squirrelmail-fo~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fr\", rpm:\"squirrelmail-fr~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fy\", rpm:\"squirrelmail-fy~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-he\", rpm:\"squirrelmail-he~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hr\", rpm:\"squirrelmail-hr~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hu\", rpm:\"squirrelmail-hu~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-id\", rpm:\"squirrelmail-id~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-is\", rpm:\"squirrelmail-is~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-it\", rpm:\"squirrelmail-it~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ja\", rpm:\"squirrelmail-ja~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ka\", rpm:\"squirrelmail-ka~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ko\", rpm:\"squirrelmail-ko~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-lt\", rpm:\"squirrelmail-lt~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ms\", rpm:\"squirrelmail-ms~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != 
NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nb\", rpm:\"squirrelmail-nb~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nl\", rpm:\"squirrelmail-nl~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nn\", rpm:\"squirrelmail-nn~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pl\", rpm:\"squirrelmail-pl~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-poutils\", rpm:\"squirrelmail-poutils~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pt\", rpm:\"squirrelmail-pt~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ro\", rpm:\"squirrelmail-ro~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ru\", rpm:\"squirrelmail-ru~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sk\", rpm:\"squirrelmail-sk~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sl\", rpm:\"squirrelmail-sl~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sr\", rpm:\"squirrelmail-sr~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sv\", rpm:\"squirrelmail-sv~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-th\", rpm:\"squirrelmail-th~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-tr\", 
rpm:\"squirrelmail-tr~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ug\", rpm:\"squirrelmail-ug~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-uk\", rpm:\"squirrelmail-uk~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-vi\", rpm:\"squirrelmail-vi~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_CN\", rpm:\"squirrelmail-zh_CN~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_TW\", rpm:\"squirrelmail-zh_TW~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-02T21:10:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-30T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:61655", "href": "http://plugins.openvas.org/nasl.php?oid=61655", "type": "openvas", "title": "FreeBSD Ports: squirrelmail", "sourceData": "#\n#VID a0afb4b9-89a1-11dd-a65b-00163e000016\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID a0afb4b9-89a1-11dd-a65b-00163e000016\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: squirrelmail\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://seclists.org/bugtraq/2008/Sep/0239.html\nhttp://www.vuxml.org/freebsd/a0afb4b9-89a1-11dd-a65b-00163e000016.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(61655);\n script_version(\"$Revision: 4188 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-30 07:56:47 +0200 (Fri, 30 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 17:42:31 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2008-3663\");\n script_bugtraq_id(31321);\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"FreeBSD Ports: squirrelmail\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"squirrelmail\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.4.15_1\")<=0) {\n txt += 'Package squirrelmail version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:57:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663"], "description": "Check for the Version of squirrelmail", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860550", "href": "http://plugins.openvas.org/nasl.php?oid=860550", "type": "openvas", "title": "Fedora Update for squirrelmail FEDORA-2008-8559", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squirrelmail FEDORA-2008-8559\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be 
useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"squirrelmail on Fedora 9\";\ntag_insight = \"SquirrelMail is a basic webmail package written in PHP4. It\n includes built-in pure PHP support for the IMAP and SMTP protocols, and\n all pages render in pure HTML 4.0 (with no Javascript) for maximum\n compatibility across browsers. It has very few requirements and is very\n easy to configure and install.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00661.html\");\n script_id(860550);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:05:11 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2008-8559\");\n script_cve_id(\"CVE-2008-3663\");\n script_name( \"Fedora Update for squirrelmail FEDORA-2008-8559\");\n\n script_summary(\"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n 
script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC9\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.16~1.fc9\", rls:\"FC9\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:56:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663"], "description": "The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:053.", "modified": "2017-07-07T00:00:00", "published": "2009-03-02T00:00:00", "id": "OPENVAS:63445", "href": "http://plugins.openvas.org/nasl.php?oid=63445", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:053 (squirrelmail)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_053.nasl 6587 2017-07-07 06:35:35Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:053 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been identified and corrected in squirrelmail:\n\nSquirrelmail 1.4.15 does not set the secure flag for the session\ncookie in an https session, which can cause the cookie to be sent in\nhttp requests and make it easier for remote attackers to capture this\ncookie (CVE-2008-3663).\n\nAdditionally many of the bundled plugins has been upgraded. The\nlocalization has also been upgraded. Basically this is a synchronization\nwith the latest squirrelmail package found in Mandriva Cooker. The\nrpm changelog will reveal all the changes (rpm -q --changelog\nsquirrelmail).\n\nThe updated packages have been upgraded to the latest version of\nsquirrelmail to prevent this.\n\nAffected: Corporate 4.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. 
The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:053\";\ntag_summary = \"The remote host is missing an update to squirrelmail\nannounced via advisory MDVSA-2009:053.\";\n\n \n\nif(description)\n{\n script_id(63445);\n script_version(\"$Revision: 6587 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 08:35:35 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-02 19:11:09 +0100 (Mon, 02 Mar 2009)\");\n script_cve_id(\"CVE-2008-3663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:053 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ar\", rpm:\"squirrelmail-ar~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-bg\", rpm:\"squirrelmail-bg~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isrpmvuln(pkg:\"squirrelmail-bn\", rpm:\"squirrelmail-bn~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ca\", rpm:\"squirrelmail-ca~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cs\", rpm:\"squirrelmail-cs~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cy\", rpm:\"squirrelmail-cy~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-cyrus\", rpm:\"squirrelmail-cyrus~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-da\", rpm:\"squirrelmail-da~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-de\", rpm:\"squirrelmail-de~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-el\", rpm:\"squirrelmail-el~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-en\", rpm:\"squirrelmail-en~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-es\", rpm:\"squirrelmail-es~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-et\", rpm:\"squirrelmail-et~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-eu\", rpm:\"squirrelmail-eu~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fa\", rpm:\"squirrelmail-fa~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fi\", rpm:\"squirrelmail-fi~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report 
+= res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fo\", rpm:\"squirrelmail-fo~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fr\", rpm:\"squirrelmail-fr~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-fy\", rpm:\"squirrelmail-fy~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-he\", rpm:\"squirrelmail-he~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hr\", rpm:\"squirrelmail-hr~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-hu\", rpm:\"squirrelmail-hu~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-id\", rpm:\"squirrelmail-id~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-is\", rpm:\"squirrelmail-is~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-it\", rpm:\"squirrelmail-it~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ja\", rpm:\"squirrelmail-ja~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ka\", rpm:\"squirrelmail-ka~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ko\", rpm:\"squirrelmail-ko~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-lt\", rpm:\"squirrelmail-lt~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ms\", rpm:\"squirrelmail-ms~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != 
NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nb\", rpm:\"squirrelmail-nb~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nl\", rpm:\"squirrelmail-nl~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-nn\", rpm:\"squirrelmail-nn~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pl\", rpm:\"squirrelmail-pl~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-poutils\", rpm:\"squirrelmail-poutils~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-pt\", rpm:\"squirrelmail-pt~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ro\", rpm:\"squirrelmail-ro~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ru\", rpm:\"squirrelmail-ru~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sk\", rpm:\"squirrelmail-sk~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sl\", rpm:\"squirrelmail-sl~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sr\", rpm:\"squirrelmail-sr~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-sv\", rpm:\"squirrelmail-sv~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-th\", rpm:\"squirrelmail-th~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-tr\", 
rpm:\"squirrelmail-tr~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-ug\", rpm:\"squirrelmail-ug~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-uk\", rpm:\"squirrelmail-uk~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-vi\", rpm:\"squirrelmail-vi~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_CN\", rpm:\"squirrelmail-zh_CN~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail-zh_TW\", rpm:\"squirrelmail-zh_TW~1.4.17~0.1.20060mlcs4\", rls:\"MNDK_4.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:56:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2007-6348"], "description": "Check for the Version of squirrelmail", "modified": "2017-07-10T00:00:00", "published": "2009-02-17T00:00:00", "id": "OPENVAS:860251", "href": "http://plugins.openvas.org/nasl.php?oid=860251", "type": "openvas", "title": "Fedora Update for squirrelmail FEDORA-2008-9071", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for squirrelmail FEDORA-2008-9071\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in 
the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"squirrelmail on Fedora 8\";\ntag_insight = \"SquirrelMail is a basic webmail package written in PHP4. It\n includes built-in pure PHP support for the IMAP and SMTP protocols, and\n all pages render in pure HTML 4.0 (with no Javascript) for maximum\n compatibility across browsers. It has very few requirements and is very\n easy to configure and install.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00735.html\");\n script_id(860251);\n script_version(\"$Revision: 6623 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:10:20 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-17 17:07:33 +0100 (Tue, 17 Feb 2009)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2008-9071\");\n script_cve_id(\"CVE-2008-3663\", \"CVE-2007-6348\");\n script_name( \"Fedora Update for squirrelmail FEDORA-2008-9071\");\n\n script_summary(\"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC8\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.16~1.fc8\", rls:\"FC8\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "description": "Oracle Linux Local Security Checks ELSA-2009-0010", "modified": "2018-09-28T00:00:00", "published": "2015-10-08T00:00:00", "id": "OPENVAS:1361412562310122528", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122528", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-0010", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-0010.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# 
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122528\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:47:20 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-0010\");\n script_tag(name:\"insight\", value:\"ELSA-2009-0010 - squirrelmail security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-0010\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-0010.html\");\n script_cve_id(\"CVE-2008-2379\", \"CVE-2008-3663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res 
= isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.0.1.el5_2.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-25T10:56:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "description": "The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:0010.", "modified": "2017-07-10T00:00:00", "published": "2009-01-13T00:00:00", "id": "OPENVAS:63177", "href": "http://plugins.openvas.org/nasl.php?oid=63177", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0010 (squirrelmail)", "sourceData": "#CESA-2009:0010 63177 10\n# $Id: ovcesa2009_0010.nasl 6650 2017-07-10 11:43:12Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0010 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0010\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0010\nhttps://rhn.redhat.com/errata/RHSA-2009-0010.html\";\ntag_summary = \"The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:0010.\";\n\n\n\nif(description)\n{\n script_id(63177);\n script_version(\"$Revision: 6650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:43:12 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-13 22:38:32 +0100 (Tue, 13 Jan 2009)\");\n script_cve_id(\"CVE-2008-2379\", \"CVE-2008-3663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"CentOS Security Advisory CESA-2009:0010 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~8.el3.centos.1\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5.centos.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el4.centos.2\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.c4.3\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~9.el3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-04-06T11:39:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "description": "The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:0010.", "modified": "2018-04-06T00:00:00", "published": "2009-01-13T00:00:00", "id": "OPENVAS:136141256231063177", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063177", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0010 (squirrelmail)", "sourceData": "#CESA-2009:0010 63177 
10\n# $Id: ovcesa2009_0010.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0010 (squirrelmail)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0010\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0010\nhttps://rhn.redhat.com/errata/RHSA-2009-0010.html\";\ntag_summary = \"The remote host is missing updates to squirrelmail announced in\nadvisory CESA-2009:0010.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63177\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-01-13 22:38:32 +0100 (Tue, 13 Jan 2009)\");\n script_cve_id(\"CVE-2008-2379\", \"CVE-2008-3663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", 
value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_name(\"CentOS Security Advisory CESA-2009:0010 (squirrelmail)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~8.el3.centos.1\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5.centos.2\", rls:\"CentOS5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el4.centos.2\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.c4.3\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~9.el3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:55:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "description": "Check for the Version of squirrelmail", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:880850", "href": 
"http://plugins.openvas.org/nasl.php?oid=880850", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2009:0010 centos3 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2009:0010 centos3 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is an easy-to-configure, standards-based, webmail package\n written in PHP. It includes built-in PHP support for the IMAP and SMTP\n protocols, and pure HTML 4.0 page-rendering (with no JavaScript required)\n for maximum browser-compatibility, strong MIME support, address books, and\n folder manipulation.\n\n Ivan Markovic discovered a cross-site scripting (XSS) flaw in SquirrelMail\n caused by insufficient HTML mail sanitization. 
A remote attacker could send\n a specially-crafted HTML mail or attachment that could cause a user's Web\n browser to execute a malicious script in the context of the SquirrelMail\n session when that email or attachment was opened by the user.\n (CVE-2008-2379)\n \n It was discovered that SquirrelMail allowed cookies over insecure\n connections (ie did not restrict cookies to HTTPS connections). An attacker\n who controlled the communication channel between a user and the\n SquirrelMail server, or who was able to sniff the user's network\n communication, could use this flaw to obtain the user's session cookie, if\n a user made an HTTP request to the server. (CVE-2008-3663)\n \n Note: After applying this update, all session cookies set for SquirrelMail\n sessions started over HTTPS connections will have the "secure" flag set.\n That is, browsers will only send such cookies over an HTTPS connection. If\n needed, you can revert to the previous behavior by setting the\n configuration option "$only_secure_cookies" to "false" in SquirrelMail's\n /etc/squirrelmail/config.php configuration file.\n \n Users of squirrelmail should upgrade to this updated package, which\n contains backported patches to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"squirrelmail on CentOS 3\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-January/015540.html\");\n script_id(880850);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2009:0010\");\n script_cve_id(\"CVE-2008-2379\", \"CVE-2008-3663\");\n 
script_name(\"CentOS Update for squirrelmail CESA-2009:0010 centos3 i386\");\n\n script_summary(\"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS3\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~8.el3.centos.1\", rls:\"CentOS3\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-25T10:55:56", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "description": "Check for the Version of squirrelmail", "modified": "2017-07-10T00:00:00", "published": "2011-08-09T00:00:00", "id": "OPENVAS:880721", "href": "http://plugins.openvas.org/nasl.php?oid=880721", "type": "openvas", "title": "CentOS Update for squirrelmail CESA-2009:0010 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for squirrelmail CESA-2009:0010 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it 
and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"SquirrelMail is an easy-to-configure, standards-based, webmail package\n written in PHP. It includes built-in PHP support for the IMAP and SMTP\n protocols, and pure HTML 4.0 page-rendering (with no JavaScript required)\n for maximum browser-compatibility, strong MIME support, address books, and\n folder manipulation.\n\n Ivan Markovic discovered a cross-site scripting (XSS) flaw in SquirrelMail\n caused by insufficient HTML mail sanitization. A remote attacker could send\n a specially-crafted HTML mail or attachment that could cause a user's Web\n browser to execute a malicious script in the context of the SquirrelMail\n session when that email or attachment was opened by the user.\n (CVE-2008-2379)\n \n It was discovered that SquirrelMail allowed cookies over insecure\n connections (ie did not restrict cookies to HTTPS connections). An attacker\n who controlled the communication channel between a user and the\n SquirrelMail server, or who was able to sniff the user's network\n communication, could use this flaw to obtain the user's session cookie, if\n a user made an HTTP request to the server. 
(CVE-2008-3663)\n \n Note: After applying this update, all session cookies set for SquirrelMail\n sessions started over HTTPS connections will have the "secure" flag set.\n That is, browsers will only send such cookies over an HTTPS connection. If\n needed, you can revert to the previous behavior by setting the\n configuration option "$only_secure_cookies" to "false" \n in SquirrelMail's /etc/squirrelmail/config.php configuration file.\n \n Users of squirrelmail should upgrade to this updated package, which\n contains backported patches to correct these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"squirrelmail on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2009-January/015546.html\");\n script_id(880721);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"CESA\", value: \"2009:0010\");\n script_cve_id(\"CVE-2008-2379\", \"CVE-2008-3663\");\n script_name(\"CentOS Update for squirrelmail CESA-2009:0010 centos5 i386\");\n\n script_summary(\"Check for the Version of squirrelmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", 
value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"squirrelmail\", rpm:\"squirrelmail~1.4.8~5.el5.centos.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3663"], "description": "SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. ", "modified": "2008-10-23T16:35:48", "published": "2008-10-23T16:35:48", "id": "FEDORA:733C1208CC7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: squirrelmail-1.4.16-1.fc9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6348", "CVE-2008-3663"], "description": "SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. 
", "modified": "2008-10-24T23:48:16", "published": "2008-10-24T23:48:16", "id": "FEDORA:8386D208203", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: squirrelmail-1.4.16-1.fc8", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2379", "CVE-2008-3663"], "description": "SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. ", "modified": "2008-12-07T04:13:16", "published": "2008-12-07T04:13:16", "id": "FEDORA:53F022086F7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: squirrelmail-1.4.17-1.fc9", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2007-6348", "CVE-2008-2379", "CVE-2008-3663"], "description": "SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. ", "modified": "2008-12-07T04:33:45", "published": "2008-12-07T04:33:45", "id": "FEDORA:45570208974", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 8 Update: squirrelmail-1.4.17-1.fc8", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2379", "CVE-2008-3663", "CVE-2009-1578", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581"], "description": "SquirrelMail is a basic webmail package written in PHP4. 
It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. ", "modified": "2009-05-13T00:21:12", "published": "2009-05-13T00:21:12", "id": "FEDORA:941A010F80E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: squirrelmail-1.4.18-1.fc9", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2379", "CVE-2008-3663", "CVE-2009-1381", "CVE-2009-1579", "CVE-2009-1580", "CVE-2009-1581"], "description": "SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no Javascript) for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. ", "modified": "2009-05-25T21:19:28", "published": "2009-05-25T21:19:28", "id": "FEDORA:9407B10F8B4", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: squirrelmail-1.4.19-1.fc9", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:23", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3663"], "description": "\nHanno Boeck reports:\n\nWhen configuring a web application to use only ssl (e.g. by\n\t forwarding all http-requests to https), a user would expect that\n\t sniffing and hijacking the session is impossible.\nThough, for this to be secure, one needs to set the session\n\t cookie to have the secure flag. Otherwise the cookie will be\n\t transferred through HTTP if the victim's browser does a single\n\t HTTP request on the same domain.\nSquirrelmail does not set that flag. 
It is fixed in the 1.5\n\t test versions, but current 1.4.15 is vulnerable.\n\n", "edition": 4, "modified": "2008-08-12T00:00:00", "published": "2008-08-12T00:00:00", "id": "A0AFB4B9-89A1-11DD-A65B-00163E000016", "href": "https://vuxml.freebsd.org/freebsd/a0afb4b9-89a1-11dd-a65b-00163e000016.html", "title": "squirrelmail -- Session hijacking vulnerability", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "seebug": [{"lastseen": "2017-11-19T21:30:44", "description": "BUGTRAQ ID: 31321\r\nCVE ID\uff1aCVE-2008-3663\r\nCNCVE ID\uff1aCNCVE-20083663\r\n\r\nSquirrelMail\u662f\u4e00\u6b3e\u57fa\u4e8ePHP\u7684WEB\u90ae\u4ef6\u670d\u52a1\u7a0b\u5e8f\u3002\r\nSquirrelMail\u4e0d\u5b89\u5168\u5904\u7406COOKIE\u6570\u636e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u83b7\u5f97\u654f\u611f\u4fe1\u606f\uff0c\u7a83\u53d6COOKIE\u9a8c\u8bc1\u654f\u611f\u6761\u6587\uff0c\u8fdb\u884c\u4f1a\u8bdd\u52ab\u6301\u653b\u51fb\u3002\r\n\u5f53\u914d\u7f6eWEB\u5e94\u7528\u7a0b\u5e8f\u53ea\u4f7f\u7528SSL\u65f6(\u5982\u8f6c\u5411\u6240\u6709HTTP\u8bf7\u6c42\u5230HTTPS)\uff0c\u7528\u6237\u53ef\u4ee5\u4e0d\u80fd\u901a\u8fc7\u55c5\u63a2\u6765\u8fdb\u884c\u622a\u83b7\u3002\r\n\u8981\u56e0\u6b64\u53d8\u7684\u66f4\u5b89\u5168\uff0c\u9700\u8981\u8bbe\u7f6e\u4f1a\u8bddCOOKIE\u6807\u6709\u5b89\u5168\u6807\u8bb0\uff0c\u5426\u5219\u5982\u679c\u76ee\u6807\u7528\u6237\u6d4f\u89c8\u5668\u5728\u540c\u4e00\u57df\u4e0a\u53ea\u8fdb\u884c\u5355\u4e2aHTTP\u8bf7\u6c42\uff0cCOOKIE\u4f1a\u901a\u8fc7HTTP\u4f20\u9001\u3002\r\nSquirrelmail\u6ca1\u6709\u8bbe\u7f6e\u6b64\u6807\u8bb0\uff0c\u53ef\u5bfc\u81f4\u901a\u8fc7HTTP\u4f20\u9001\u7684COOKIE\u88ab\u55c5\u63a2\u5230\u3002\r\n\r\n \n\nSquirrelMail 1.4.15\n \u6839\u636e\u62a5\u544aSquirrelmail 1.5 test\u7248\u672c\u5df2\u7ecf\u4fee\u6b63\u6b64\u6f0f\u6d1e\uff1a\r\n<a href=http://www.squirrelmail.org/ target=_blank>http://www.squirrelmail.org/</a>", "published": "2008-09-25T00:00:00", "title": 
"SquirrelMail\u4e0d\u5b89\u5168COOKE\u6cc4\u6f0f\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-3663"], "modified": "2008-09-25T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4093", "id": "SSV:4093", "sourceData": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T19:02:02", "description": "BUGTRAQ ID: 33354\r\nCVE(CAN) ID: CVE-2009-0030\r\n\r\nSquirrelMail\u662f\u4e00\u6b3ePHP\u7f16\u5199\u7684WEBMAIL\u7a0b\u5e8f\u3002\r\n\r\nRed Hat\u4e3aCVE-2008-3663\u6240\u63d0\u4f9b\u7684\u4fee\u590d\u5bfc\u81f4SquirrelMail\u5bf9\u6240\u6709\u7684\u4f1a\u8bdd\u90fd\u8bbe\u7f6e\u4e86\u76f8\u540c\u7684SQMSESSID Cookie\u503c\uff0c\u8fd9\u5141\u8bb8\u901a\u8fc7\u8ba4\u8bc1\u7684\u8fdc\u7a0b\u7528\u6237\u901a\u8fc7\u4f7f\u7528\u6807\u51c6\u7684webmail.php\u63a5\u53e3\u8bbf\u95ee\u5176\u4ed6\u7528\u6237\u7684\u6587\u4ef6\u5939\u5217\u8868\u548c\u914d\u7f6e\u6570\u636e\u3002\n\nSquirrelMail 1.4.8\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2009:0057-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2009:0057-01\uff1aImportant: squirrelmail security update\r\n\u94fe\u63a5\uff1a<a href=https://www.redhat.com/support/errata/RHSA-2009-0057.html target=_blank rel=external nofollow>https://www.redhat.com/support/errata/RHSA-2009-0057.html</a>", "published": "2009-02-19T00:00:00", "type": "seebug", "title": "SquirrelMail\u8f6f\u4ef6\u5305\u4f1a\u8bdd\u5904\u7406\u7ed5\u8fc7\u8ba4\u8bc1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-3663", "CVE-2009-0030"], "modified": "2009-02-19T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4796", "id": "SSV:4796", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.5, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": 
"2021-01-12T10:06:44", "description": "update to 1.4.16 fixes CVE-2008-3663\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2008-10-27T00:00:00", "title": "Fedora 8 : squirrelmail-1.4.16-1.fc8 (2008-9071)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663"], "modified": "2008-10-27T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:squirrelmail", "cpe:/o:fedoraproject:fedora:8"], "id": "FEDORA_2008-9071.NASL", "href": "https://www.tenable.com/plugins/nessus/34493", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2008-9071.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34493);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2008-3663\");\n script_xref(name:\"FEDORA\", value:\"2008-9071\");\n\n script_name(english:\"Fedora 8 : squirrelmail-1.4.16-1.fc8 (2008-9071)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"update to 1.4.16 fixes CVE-2008-3663\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=464183\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2008-October/015675.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?da2c366d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:8\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/10/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 8.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC8\", reference:\"squirrelmail-1.4.16-1.fc8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T14:47:11", "description": "Squirrelmail was updated to use the secure flag for its cookies.\nOtherwise it was possible to hijack a SSL-protected session via leaked\ncookies. 
(CVE-2008-3663)", "edition": 23, "published": "2008-11-18T00:00:00", "title": "openSUSE 10 Security Update : squirrelmail (squirrelmail-5778)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663"], "modified": "2008-11-18T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:squirrelmail"], "id": "SUSE_SQUIRRELMAIL-5778.NASL", "href": "https://www.tenable.com/plugins/nessus/34814", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update squirrelmail-5778.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34814);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3663\");\n\n script_name(english:\"openSUSE 10 Security Update : squirrelmail (squirrelmail-5778)\");\n script_summary(english:\"Check for the squirrelmail-5778 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Squirrelmail was updated to use the secure flag for its cookies.\nOtherwise it was possible to hijack a SSL-protected session via leaked\ncookies. 
(CVE-2008-3663)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/11/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"squirrelmail-1.4.9a-2.10\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"squirrelmail-1.4.10a-45.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if 
(tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-20T14:28:54", "description": "The version of SquirrelMail installed on the remote host does not set\nthe 'secure' flag for session cookies established when communicating\nover SSL / TLS. This could lead to disclosure of those cookies if a\nuser issues a request to a host in the same domain over HTTP (as\nopposed to HTTPS).", "edition": 27, "published": "2009-02-12T00:00:00", "title": "SquirrelMail HTTPS Session Cookie Secure Flag Weakness", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663"], "modified": "2009-02-12T00:00:00", "cpe": ["cpe:/a:squirrelmail:squirrelmail"], "id": "SQUIRRELMAIL_INSECURE_HTTPS_COOKIE.NASL", "href": "https://www.tenable.com/plugins/nessus/35661", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\n\nif (description)\n{\n script_id(35661);\n script_version(\"1.12\");\n\n script_cve_id(\"CVE-2008-3663\");\n script_bugtraq_id(31321);\n\n script_name(english:\"SquirrelMail HTTPS Session Cookie Secure Flag Weakness\");\n script_summary(english:\"Looks for 'secure' flag in Squirrelmail cookie\");\n\n script_set_attribute( attribute:\"synopsis\", value:\n\"The remote web server contains a PHP application that handles session\ncookies insecurely.\" );\n script_set_attribute( attribute:\"description\", value:\n\"The version of SquirrelMail installed on the remote host does not set\nthe 'secure' flag for session cookies established when communicating\nover SSL / TLS. 
This could lead to disclosure of those cookies if a\nuser issues a request to a host in the same domain over HTTP (as\nopposed to HTTPS).\" );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://int21.de/cve/CVE-2008-3663-squirrelmail.html\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"https://www.securityfocus.com/archive/1/496601/30/0/threaded\"\n );\n script_set_attribute(\n attribute:\"see_also\", \n value:\"http://www.squirrelmail.org/security/issue/2008-09-28\"\n );\n script_set_attribute( attribute:\"solution\", value:\n\"Upgrade to SquirrelMail version 1.4.16 or later and ensure that the\n'only_secure_cookies' configuration option is set to 'true'.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(310);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2009/02/12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:squirrelmail:squirrelmail\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"squirrelmail_detect.nasl\");\n script_exclude_keys(\"Settings/disable_cgi_scanning\");\n script_require_ports(\"Services/www\", 443);\n script_require_keys(\"www/squirrelmail\");\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\n\n\nport = get_http_port(default:443);\nif (!get_port_state(port)) exit(0);\nif (!can_host_php(port:port)) 
exit(0);\n\n\n# NB: we only care about TLS / SSL.\nencaps = get_kb_item(\"Transports/TCP/\"+port);\nif (encaps && (encaps < ENCAPS_SSLv2 || encaps > ENCAPS_TLSv1)) exit(0);\n\n\ncookie_name = \"SQMSESSID\";\n\n\n# Test an install.\ninstall = get_kb_item(string(\"www/\", port, \"/squirrelmail\"));\nif (isnull(install)) exit(0);\nmatches = eregmatch(string:install, pattern:\"^(.+) under (/.*)$\");\nif (!isnull(matches))\n{\n # Request the login page and check for the 'secure' flag.\n dir = matches[2];\n url = string(dir, \"/src/login.php\");\n\n init_cookiejar();\n res = http_send_recv3(method:\"GET\", item:url, port:port);\n if (res == NULL) exit(0);\n\n insecure = NULL;\n sqm_cookies = get_http_cookie_keys(name_re:cookie_name);\n if (!isnull(sqm_cookies) && max_index(sqm_cookies))\n {\n foreach key (sqm_cookies)\n {\n cookie = get_http_cookie_from_key(key);\n if (!cookie[\"secure\"])\n {\n insecure = cookie[\"value\"];\n break;\n }\n }\n }\n\n # There's a problem if it wasn't set.\n if (!isnull(insecure))\n {\n if (report_verbosity)\n {\n cookie_hdrs = \"\";\n foreach line (split(res[1]))\n if (line =~ \"^Set-Cookie\" && string(cookie_name, \"=\", insecure) >< line) cookie_hdrs += ' ' + line;\n\n if (max_index(split(cookie_hdrs)) > 1) s = \"s\";\n else s = \"\";\n\n report = string(\n \"\\n\",\n \"Requesting SquirrelMail's login page produced a response with the\\n\",\n \"following insecure Cookie header\", s, \" :\\n\",\n \"\\n\",\n cookie_hdrs\n );\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n\n exit(0);\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T14:47:11", "description": "Squirrelmail was updated to use the secure flag for its cookies.\nOtherwise it was possible to hijack a SSL-protected session via leaked\ncookies. 
(CVE-2008-3663)\n\nThe previous update for the problem above contained a typo which broke\nsquirrelmail.", "edition": 24, "published": "2008-11-21T00:00:00", "title": "openSUSE 10 Security Update : squirrelmail (squirrelmail-5792)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663"], "modified": "2008-11-21T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.2", "p-cpe:/a:novell:opensuse:squirrelmail"], "id": "SUSE_SQUIRRELMAIL-5792.NASL", "href": "https://www.tenable.com/plugins/nessus/34848", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update squirrelmail-5792.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34848);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3663\");\n\n script_name(english:\"openSUSE 10 Security Update : squirrelmail (squirrelmail-5792)\");\n script_summary(english:\"Check for the squirrelmail-5792 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Squirrelmail was updated to use the secure flag for its cookies.\nOtherwise it was possible to hijack a SSL-protected session via leaked\ncookies. 
(CVE-2008-3663)\n\nThe previous update for the problem above contained a typo which broke\nsquirrelmail.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/11/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"squirrelmail-1.4.9a-2.12\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 
\"squirrelmail\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-07T10:48:38", "description": "Hanno Boeck reports :\n\nWhen configuring a web application to use only ssl (e.g. by forwarding\nall http-requests to https), a user would expect that sniffing and\nhijacking the session is impossible.\n\nThough, for this to be secure, one needs to set the session cookie to\nhave the secure flag. Otherwise the cookie will be transferred through\nHTTP if the victim's browser does a single HTTP request on the same\ndomain.\n\nSquirrelmail does not set that flag. It is fixed in the 1.5 test\nversions, but current 1.4.15 is vulnerable.", "edition": 27, "published": "2008-09-24T00:00:00", "title": "FreeBSD : squirrelmail -- Session hijacking vulnerability (a0afb4b9-89a1-11dd-a65b-00163e000016)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663"], "modified": "2008-09-24T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:squirrelmail"], "id": "FREEBSD_PKG_A0AFB4B989A111DDA65B00163E000016.NASL", "href": "https://www.tenable.com/plugins/nessus/34271", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. 
Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(34271);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-3663\");\n script_bugtraq_id(31321);\n\n script_name(english:\"FreeBSD : squirrelmail -- Session hijacking vulnerability (a0afb4b9-89a1-11dd-a65b-00163e000016)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hanno Boeck reports :\n\nWhen configuring a web application to use only ssl (e.g. 
by forwarding\nall http-requests to https), a user would expect that sniffing and\nhijacking the session is impossible.\n\nThough, for this to be secure, one needs to set the session cookie to\nhave the secure flag. Otherwise the cookie will be transferred through\nHTTP if the victim's browser does a single HTTP request on the same\ndomain.\n\nSquirrelmail does not set that flag. It is fixed in the 1.5 test\nversions, but current 1.4.15 is vulnerable.\"\n );\n # http://seclists.org/bugtraq/2008/Sep/0239.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://seclists.org/bugtraq/2008/Sep/0239.html\"\n );\n # https://vuxml.freebsd.org/freebsd/a0afb4b9-89a1-11dd-a65b-00163e000016.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1d6eee1c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/08/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"squirrelmail<=1.4.15_1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T14:47:11", "description": "This update of squirrelmail corrects a problem introduced by a patch\nfor CVE-2008-3663 that caused cookies to be static. 
(CVE-2009-0030)", "edition": 24, "published": "2009-02-05T00:00:00", "title": "openSUSE 10 Security Update : squirrelmail (squirrelmail-5978)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2009-0030"], "modified": "2009-02-05T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:squirrelmail"], "id": "SUSE_SQUIRRELMAIL-5978.NASL", "href": "https://www.tenable.com/plugins/nessus/35598", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update squirrelmail-5978.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35598);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-3663\", \"CVE-2009-0030\");\n\n script_name(english:\"openSUSE 10 Security Update : squirrelmail (squirrelmail-5978)\");\n script_summary(english:\"Check for the squirrelmail-5978 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of squirrelmail corrects a problem introduced by a patch\nfor CVE-2008-3663 that caused cookies to be static. 
(CVE-2009-0030)\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_cwe_id(287, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"squirrelmail-1.4.17-0.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, 
{"lastseen": "2021-01-06T09:25:30", "description": "An updated squirrelmail package that resolves various security issues\nis now available for Red Hat Enterprise Linux 3, 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nSquirrelMail is an easy-to-configure, standards-based, webmail package\nwritten in PHP. It includes built-in PHP support for the IMAP and SMTP\nprotocols, and pure HTML 4.0 page-rendering (with no JavaScript\nrequired) for maximum browser-compatibility, strong MIME support,\naddress books, and folder manipulation.\n\nIvan Markovic discovered a cross-site scripting (XSS) flaw in\nSquirrelMail caused by insufficient HTML mail sanitization. A remote\nattacker could send a specially crafted HTML mail or attachment that\ncould cause a user's Web browser to execute a malicious script in the\ncontext of the SquirrelMail session when that email or attachment was\nopened by the user. (CVE-2008-2379)\n\nIt was discovered that SquirrelMail allowed cookies over insecure\nconnections (ie did not restrict cookies to HTTPS connections). An\nattacker who controlled the communication channel between a user and\nthe SquirrelMail server, or who was able to sniff the user's network\ncommunication, could use this flaw to obtain the user's session\ncookie, if a user made an HTTP request to the server. (CVE-2008-3663)\n\nNote: After applying this update, all session cookies set for\nSquirrelMail sessions started over HTTPS connections will have the\n'secure' flag set. That is, browsers will only send such cookies over\nan HTTPS connection. 
If needed, you can revert to the previous\nbehavior by setting the configuration option '$only_secure_cookies' to\n'false' in SquirrelMail's /etc/squirrelmail/config.php configuration\nfile.\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.", "edition": 28, "published": "2009-01-13T00:00:00", "title": "CentOS 3 / 4 / 5 : squirrelmail (CESA-2009:0010)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "modified": "2009-01-13T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:squirrelmail", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-0010.NASL", "href": "https://www.tenable.com/plugins/nessus/35353", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0010 and \n# CentOS Errata and Security Advisory 2009:0010 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35353);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2008-2379\", \"CVE-2008-3663\");\n script_bugtraq_id(31321);\n script_xref(name:\"RHSA\", value:\"2009:0010\");\n\n script_name(english:\"CentOS 3 / 4 / 5 : squirrelmail (CESA-2009:0010)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squirrelmail package that resolves various security issues\nis now available for Red Hat Enterprise Linux 3, 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response 
Team.\n\nSquirrelMail is an easy-to-configure, standards-based, webmail package\nwritten in PHP. It includes built-in PHP support for the IMAP and SMTP\nprotocols, and pure HTML 4.0 page-rendering (with no JavaScript\nrequired) for maximum browser-compatibility, strong MIME support,\naddress books, and folder manipulation.\n\nIvan Markovic discovered a cross-site scripting (XSS) flaw in\nSquirrelMail caused by insufficient HTML mail sanitization. A remote\nattacker could send a specially crafted HTML mail or attachment that\ncould cause a user's Web browser to execute a malicious script in the\ncontext of the SquirrelMail session when that email or attachment was\nopened by the user. (CVE-2008-2379)\n\nIt was discovered that SquirrelMail allowed cookies over insecure\nconnections (ie did not restrict cookies to HTTPS connections). An\nattacker who controlled the communication channel between a user and\nthe SquirrelMail server, or who was able to sniff the user's network\ncommunication, could use this flaw to obtain the user's session\ncookie, if a user made an HTTP request to the server. (CVE-2008-3663)\n\nNote: After applying this update, all session cookies set for\nSquirrelMail sessions started over HTTPS connections will have the\n'secure' flag set. That is, browsers will only send such cookies over\nan HTTPS connection. 
If needed, you can revert to the previous\nbehavior by setting the configuration option '$only_secure_cookies' to\n'false' in SquirrelMail's /etc/squirrelmail/config.php configuration\nfile.\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-February/015597.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?99f369e7\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-February/015599.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cba97249\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015540.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?022d4f81\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015541.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?516756cb\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015546.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?445886da\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015547.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0e77f9f9\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015554.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44314620\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-January/015555.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1a862959\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n 
script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"squirrelmail-1.4.8-8.el3.centos.1\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"ia64\", reference:\"squirrelmail-1.4.8-9.el3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"squirrelmail-1.4.8-8.el3.centos.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"squirrelmail-1.4.8-5.el4.centos.2\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"squirrelmail-1.4.8-5.c4.3\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"squirrelmail-1.4.8-5.el4.centos.2\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"squirrelmail-1.4.8-5.el5.centos.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T13:06:26", "description": "An updated squirrelmail package that resolves various security issues\nis now available for Red Hat Enterprise Linux 3, 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nSquirrelMail is an easy-to-configure, standards-based, webmail package\nwritten in PHP. 
It includes built-in PHP support for the IMAP and SMTP\nprotocols, and pure HTML 4.0 page-rendering (with no JavaScript\nrequired) for maximum browser-compatibility, strong MIME support,\naddress books, and folder manipulation.\n\nIvan Markovic discovered a cross-site scripting (XSS) flaw in\nSquirrelMail caused by insufficient HTML mail sanitization. A remote\nattacker could send a specially crafted HTML mail or attachment that\ncould cause a user's Web browser to execute a malicious script in the\ncontext of the SquirrelMail session when that email or attachment was\nopened by the user. (CVE-2008-2379)\n\nIt was discovered that SquirrelMail allowed cookies over insecure\nconnections (ie did not restrict cookies to HTTPS connections). An\nattacker who controlled the communication channel between a user and\nthe SquirrelMail server, or who was able to sniff the user's network\ncommunication, could use this flaw to obtain the user's session\ncookie, if a user made an HTTP request to the server. (CVE-2008-3663)\n\nNote: After applying this update, all session cookies set for\nSquirrelMail sessions started over HTTPS connections will have the\n'secure' flag set. That is, browsers will only send such cookies over\nan HTTPS connection. 
If needed, you can revert to the previous\nbehavior by setting the configuration option '$only_secure_cookies' to\n'false' in SquirrelMail's /etc/squirrelmail/config.php configuration\nfile.\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.", "edition": 28, "published": "2009-01-13T00:00:00", "title": "RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:0010)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "modified": "2009-01-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:squirrelmail", "cpe:/o:redhat:enterprise_linux:5.2", "cpe:/o:redhat:enterprise_linux:4.7"], "id": "REDHAT-RHSA-2009-0010.NASL", "href": "https://www.tenable.com/plugins/nessus/35357", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0010. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35357);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2379\", \"CVE-2008-3663\");\n script_bugtraq_id(31321);\n script_xref(name:\"RHSA\", value:\"2009:0010\");\n\n script_name(english:\"RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:0010)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated squirrelmail package that resolves various security issues\nis now available for Red Hat Enterprise Linux 3, 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nSquirrelMail is an easy-to-configure, standards-based, webmail package\nwritten in PHP. It includes built-in PHP support for the IMAP and SMTP\nprotocols, and pure HTML 4.0 page-rendering (with no JavaScript\nrequired) for maximum browser-compatibility, strong MIME support,\naddress books, and folder manipulation.\n\nIvan Markovic discovered a cross-site scripting (XSS) flaw in\nSquirrelMail caused by insufficient HTML mail sanitization. A remote\nattacker could send a specially crafted HTML mail or attachment that\ncould cause a user's Web browser to execute a malicious script in the\ncontext of the SquirrelMail session when that email or attachment was\nopened by the user. (CVE-2008-2379)\n\nIt was discovered that SquirrelMail allowed cookies over insecure\nconnections (ie did not restrict cookies to HTTPS connections). 
An\nattacker who controlled the communication channel between a user and\nthe SquirrelMail server, or who was able to sniff the user's network\ncommunication, could use this flaw to obtain the user's session\ncookie, if a user made an HTTP request to the server. (CVE-2008-3663)\n\nNote: After applying this update, all session cookies set for\nSquirrelMail sessions started over HTTPS connections will have the\n'secure' flag set. That is, browsers will only send such cookies over\nan HTTPS connection. If needed, you can revert to the previous\nbehavior by setting the configuration option '$only_secure_cookies' to\n'false' in SquirrelMail's /etc/squirrelmail/config.php configuration\nfile.\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-2379\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2008-3663\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2008-09-28\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.squirrelmail.org/security/issue/2008-12-04\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0010\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/01/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0010\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL3\", reference:\"squirrelmail-1.4.8-8.el3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"squirrelmail-1.4.8-5.el4_7.2\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"squirrelmail-1.4.8-5.el5_2.2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T13:44:06", "description": "Ivan Markovic discovered a cross-site scripting (XSS) flaw in\nSquirrelMail caused by insufficient HTML mail sanitization. A remote\nattacker could send a specially crafted HTML mail or attachment that\ncould cause a user's Web browser to execute a malicious script in the\ncontext of the SquirrelMail session when that email or attachment was\nopened by the user. 
(CVE-2008-2379)\n\nIt was discovered that SquirrelMail allowed cookies over insecure\nconnections (ie did not restrict cookies to HTTPS connections). An\nattacker who controlled the communication channel between a user and\nthe SquirrelMail server, or who was able to sniff the user's network\ncommunication, could use this flaw to obtain the user's session\ncookie, if a user made an HTTP request to the server. (CVE-2008-3663)\n\nNote: After applying this update, all session cookies set for\nSquirrelMail sessions started over HTTPS connections will have the\n'secure' flag set. That is, browsers will only send such cookies over\nan HTTPS connection. If needed, you can revert to the previous\nbehavior by setting the configuration option '$only_secure_cookies' to\n'false' in SquirrelMail's /etc/squirrelmail/config.php configuration\nfile.", "edition": 26, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : squirrelmail on SL3.x, SL4.x, SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090112_SQUIRRELMAIL_ON_SL3_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60519", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60519);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2379\", \"CVE-2008-3663\");\n\n script_name(english:\"Scientific Linux Security Update : squirrelmail on SL3.x, SL4.x, SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security 
update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ivan Markovic discovered a cross-site scripting (XSS) flaw in\nSquirrelMail caused by insufficient HTML mail sanitization. A remote\nattacker could send a specially crafted HTML mail or attachment that\ncould cause a user's Web browser to execute a malicious script in the\ncontext of the SquirrelMail session when that email or attachment was\nopened by the user. (CVE-2008-2379)\n\nIt was discovered that SquirrelMail allowed cookies over insecure\nconnections (ie did not restrict cookies to HTTPS connections). An\nattacker who controlled the communication channel between a user and\nthe SquirrelMail server, or who was able to sniff the user's network\ncommunication, could use this flaw to obtain the user's session\ncookie, if a user made an HTTP request to the server. (CVE-2008-3663)\n\nNote: After applying this update, all session cookies set for\nSquirrelMail sessions started over HTTPS connections will have the\n'secure' flag set. That is, browsers will only send such cookies over\nan HTTPS connection. 
If needed, you can revert to the previous\nbehavior by setting the configuration option '$only_secure_cookies' to\n'false' in SquirrelMail's /etc/squirrelmail/config.php configuration\nfile.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0901&L=scientific-linux-errata&T=0&P=1051\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?635425d7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_cwe_id(79, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL3\", reference:\"squirrelmail-1.4.8-8.el3\")) flag++;\n\nif (rpm_check(release:\"SL4\", reference:\"squirrelmail-1.4.8-5.el4_7.2\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"squirrelmail-1.4.8-5.el5_2.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-01-17T12:44:19", "description": "From Red Hat Security Advisory 2009:0010 :\n\nAn updated squirrelmail package that resolves various security issues\nis now available for Red Hat Enterprise Linux 3, 4 and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nSquirrelMail is an easy-to-configure, standards-based, webmail package\nwritten in PHP. 
It includes built-in PHP support for the IMAP and SMTP\nprotocols, and pure HTML 4.0 page-rendering (with no JavaScript\nrequired) for maximum browser-compatibility, strong MIME support,\naddress books, and folder manipulation.\n\nIvan Markovic discovered a cross-site scripting (XSS) flaw in\nSquirrelMail caused by insufficient HTML mail sanitization. A remote\nattacker could send a specially crafted HTML mail or attachment that\ncould cause a user's Web browser to execute a malicious script in the\ncontext of the SquirrelMail session when that email or attachment was\nopened by the user. (CVE-2008-2379)\n\nIt was discovered that SquirrelMail allowed cookies over insecure\nconnections (ie did not restrict cookies to HTTPS connections). An\nattacker who controlled the communication channel between a user and\nthe SquirrelMail server, or who was able to sniff the user's network\ncommunication, could use this flaw to obtain the user's session\ncookie, if a user made an HTTP request to the server. (CVE-2008-3663)\n\nNote: After applying this update, all session cookies set for\nSquirrelMail sessions started over HTTPS connections will have the\n'secure' flag set. That is, browsers will only send such cookies over\nan HTTPS connection. 
If needed, you can revert to the previous\nbehavior by setting the configuration option '$only_secure_cookies' to\n'false' in SquirrelMail's /etc/squirrelmail/config.php configuration\nfile.\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.", "edition": 26, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 / 5 : squirrelmail (ELSA-2009-0010)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:3", "p-cpe:/a:oracle:linux:squirrelmail", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-0010.NASL", "href": "https://www.tenable.com/plugins/nessus/67786", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0010 and \n# Oracle Linux Security Advisory ELSA-2009-0010 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67786);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2008-2379\", \"CVE-2008-3663\");\n script_bugtraq_id(31321);\n script_xref(name:\"RHSA\", value:\"2009:0010\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : squirrelmail (ELSA-2009-0010)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0010 :\n\nAn updated squirrelmail package that resolves various security issues\nis now available for Red Hat Enterprise Linux 3, 4 and 5.\n\nThis update has been rated as having moderate 
security impact by the\nRed Hat Security Response Team.\n\nSquirrelMail is an easy-to-configure, standards-based, webmail package\nwritten in PHP. It includes built-in PHP support for the IMAP and SMTP\nprotocols, and pure HTML 4.0 page-rendering (with no JavaScript\nrequired) for maximum browser-compatibility, strong MIME support,\naddress books, and folder manipulation.\n\nIvan Markovic discovered a cross-site scripting (XSS) flaw in\nSquirrelMail caused by insufficient HTML mail sanitization. A remote\nattacker could send a specially crafted HTML mail or attachment that\ncould cause a user's Web browser to execute a malicious script in the\ncontext of the SquirrelMail session when that email or attachment was\nopened by the user. (CVE-2008-2379)\n\nIt was discovered that SquirrelMail allowed cookies over insecure\nconnections (ie did not restrict cookies to HTTPS connections). An\nattacker who controlled the communication channel between a user and\nthe SquirrelMail server, or who was able to sniff the user's network\ncommunication, could use this flaw to obtain the user's session\ncookie, if a user made an HTTP request to the server. (CVE-2008-3663)\n\nNote: After applying this update, all session cookies set for\nSquirrelMail sessions started over HTTPS connections will have the\n'secure' flag set. That is, browsers will only send such cookies over\nan HTTPS connection. 
If needed, you can revert to the previous\nbehavior by setting the configuration option '$only_secure_cookies' to\n'false' in SquirrelMail's /etc/squirrelmail/config.php configuration\nfile.\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-January/000858.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-January/000861.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-January/000862.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected squirrelmail package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(79, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:squirrelmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/09/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is 
Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"squirrelmail-1.4.8-8.0.1.el3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"squirrelmail-1.4.8-8.0.1.el3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"squirrelmail-1.4.8-5.0.1.el4_7.2\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"squirrelmail-1.4.8-5.0.1.el5_2.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"squirrelmail\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "centos": [{"lastseen": "2020-07-17T03:28:31", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "description": "**CentOS Errata and Security Advisory** CESA-2009:0010\n\n\nSquirrelMail is an easy-to-configure, standards-based, webmail package\nwritten in PHP. It includes built-in PHP support for the IMAP and SMTP\nprotocols, and pure HTML 4.0 page-rendering (with no JavaScript required)\nfor maximum browser-compatibility, strong MIME support, address books, and\nfolder manipulation.\n\nIvan Markovic discovered a cross-site scripting (XSS) flaw in SquirrelMail\ncaused by insufficient HTML mail sanitization. 
A remote attacker could send\na specially-crafted HTML mail or attachment that could cause a user's Web\nbrowser to execute a malicious script in the context of the SquirrelMail\nsession when that email or attachment was opened by the user.\n(CVE-2008-2379)\n\nIt was discovered that SquirrelMail allowed cookies over insecure\nconnections (ie did not restrict cookies to HTTPS connections). An attacker\nwho controlled the communication channel between a user and the\nSquirrelMail server, or who was able to sniff the user's network\ncommunication, could use this flaw to obtain the user's session cookie, if\na user made an HTTP request to the server. (CVE-2008-3663)\n\nNote: After applying this update, all session cookies set for SquirrelMail\nsessions started over HTTPS connections will have the \"secure\" flag set.\nThat is, browsers will only send such cookies over an HTTPS connection. If\nneeded, you can revert to the previous behavior by setting the\nconfiguration option \"$only_secure_cookies\" to \"false\" in SquirrelMail's\n/etc/squirrelmail/config.php configuration file.\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.\n\n**Merged security bulletin from 
advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-February/027635.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-February/027637.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-February/027639.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-February/027650.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/027578.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/027579.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/027584.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/027585.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/027592.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-January/027593.html\n\n**Affected packages:**\nsquirrelmail\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0010.html", "edition": 6, "modified": "2009-02-05T15:28:13", "published": "2009-01-12T15:25:30", "href": "http://lists.centos.org/pipermail/centos-announce/2009-January/027578.html", "id": "CESA-2009:0010", "title": "squirrelmail security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "redhat": [{"lastseen": "2019-08-13T18:45:52", "bulletinFamily": "unix", "cvelist": ["CVE-2008-2379", "CVE-2008-3663"], "description": "SquirrelMail is an easy-to-configure, standards-based, webmail package\nwritten in PHP. It includes built-in PHP support for the IMAP and SMTP\nprotocols, and pure HTML 4.0 page-rendering (with no JavaScript required)\nfor maximum browser-compatibility, strong MIME support, address books, and\nfolder manipulation.\n\nIvan Markovic discovered a cross-site scripting (XSS) flaw in SquirrelMail\ncaused by insufficient HTML mail sanitization. 
A remote attacker could send\na specially-crafted HTML mail or attachment that could cause a user's Web\nbrowser to execute a malicious script in the context of the SquirrelMail\nsession when that email or attachment was opened by the user.\n(CVE-2008-2379)\n\nIt was discovered that SquirrelMail allowed cookies over insecure\nconnections (ie did not restrict cookies to HTTPS connections). An attacker\nwho controlled the communication channel between a user and the\nSquirrelMail server, or who was able to sniff the user's network\ncommunication, could use this flaw to obtain the user's session cookie, if\na user made an HTTP request to the server. (CVE-2008-3663)\n\nNote: After applying this update, all session cookies set for SquirrelMail\nsessions started over HTTPS connections will have the \"secure\" flag set.\nThat is, browsers will only send such cookies over an HTTPS connection. If\nneeded, you can revert to the previous behavior by setting the\nconfiguration option \"$only_secure_cookies\" to \"false\" in SquirrelMail's\n/etc/squirrelmail/config.php configuration file.\n\nUsers of squirrelmail should upgrade to this updated package, which\ncontains backported patches to correct these issues.", "modified": "2017-09-08T12:17:25", "published": "2009-01-12T05:00:00", "id": "RHSA-2009:0010", "href": "https://access.redhat.com/errata/RHSA-2009:0010", "type": "redhat", "title": "(RHSA-2009:0010) Moderate: squirrelmail security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:40", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3663", "CVE-2008-2379"], "description": "[1.4.8-5.0.1.el5_2.2]\n- Remove Redhat splash screen images\n[1.4.8-5.2]\n- Resolves: CVE-2008-2379\n- fix XSS issue caused by an insufficient html mail sanitation\n[1.4.8-5.1]\n- don't transmit cookies under non-SSL connections if the session\n is started under an SSL (https) connection\n- Resolves: CVE-2008-3663, #468398\n- fix 
release number with respect to Z-stream nvr policy", "edition": 4, "modified": "2009-01-12T00:00:00", "published": "2009-01-12T00:00:00", "id": "ELSA-2009-0010", "href": "http://linux.oracle.com/errata/ELSA-2009-0010.html", "title": "squirrelmail security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:34:54", "bulletinFamily": "unix", "cvelist": ["CVE-2008-3663", "CVE-2009-0030", "CVE-2009-1580"], "description": "[1.4.8-5.0.1.el5_2.3]\n- Remove Redhat splash screen images\n[1.4.8-5.3]\n- Update patch for CVE-2008-3663 to fix a session handling regression (#480224)", "edition": 4, "modified": "2009-01-20T00:00:00", "published": "2009-01-20T00:00:00", "id": "ELSA-2009-0057", "href": "http://linux.oracle.com/errata/ELSA-2009-0057.html", "title": "squirrelmail security update", "type": "oraclelinux", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}]}