Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2004-654.NASL
HistoryDec 27, 2004 - 12:00 a.m.

RHEL 3 : squirrelmail (RHSA-2004:654)

2004-12-2700:00:00
This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
37
JSON

An updated SquirrelMail package that fixes a cross-site scripting vulnerability is now available.

SquirrelMail is a webmail package written in PHP.

A cross-site scripting bug has been found in SquirrelMail. This issue could allow an attacker to send a mail with a carefully crafted header, which could result in causing the victim’s machine to execute a malicious script. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-1036 to this issue.

Additionally, the following issues have been addressed :

  • updated splash screens - HIGASHIYAMA Masato’s patch to improve Japanese support - real 1.4.3a tarball - config_local.php and default_pref in /etc/squirrelmail/ to match upstream RPM.

Please note that it is possible that upgrading to this package may remove your SquirrelMail configuration files due to a bug in the RPM package. Upgrading will prevent this from happening in the future.

Users of SquirrelMail are advised to upgrade to this updated package which contains a patched version of SquirrelMail version 1.43a and is not vulnerable to these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2004:654. The text 
# itself is copyright (C) Red Hat, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(16053);
  script_version("1.25");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2004-1036");
  script_xref(name:"RHSA", value:"2004:654");

  script_name(english:"RHEL 3 : squirrelmail (RHSA-2004:654)");
  script_summary(english:"Checks the rpm output for the updated package");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An updated SquirrelMail package that fixes a cross-site scripting
vulnerability is now available.

SquirrelMail is a webmail package written in PHP.

A cross-site scripting bug has been found in SquirrelMail. This issue
could allow an attacker to send a mail with a carefully crafted
header, which could result in causing the victim's machine to execute
a malicious script. The Common Vulnerabilities and Exposures project
has assigned the name CVE-2004-1036 to this issue.

Additionally, the following issues have been addressed :

  - updated splash screens - HIGASHIYAMA Masato's patch to
    improve Japanese support - real 1.4.3a tarball -
    config_local.php and default_pref in /etc/squirrelmail/
    to match upstream RPM.

Please note that it is possible that upgrading to this package may
remove your SquirrelMail configuration files due to a bug in the RPM
package. Upgrading will prevent this from happening in the future.

Users of SquirrelMail are advised to upgrade to this updated package
which contains a patched version of SquirrelMail version 1.43a and is
not vulnerable to these issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2004-1036"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2004:654"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected squirrelmail package."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:squirrelmail");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:3");

  script_set_attribute(attribute:"vuln_publication_date", value:"2005/03/01");
  script_set_attribute(attribute:"patch_publication_date", value:"2004/12/23");
  script_set_attribute(attribute:"plugin_publication_date", value:"2004/12/27");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^3([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 3.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2004:654";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL3", reference:"squirrelmail-1.4.3a-7.EL3")) flag++;

  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "squirrelmail");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxsquirrelmailp-cpe:/a:redhat:enterprise_linux:squirrelmail
redhatenterprise_linux3cpe:/o:redhat:enterprise_linux:3

Related

nessus 6
ubuntucve 1
cve 1
openvas 6
gentoo 1
redhat 1
cvelist 1
securityvulns 1
freebsd 1
nessus
nessus
SquirrelMail decodeHeader Arbitrary HTML Injection
2004-11-13 00:00:00
Fedora Core 3 : squirrelmail-1.4.3a-6.FC3 (2004-472)
2004-11-29 00:00:00
GLSA-200411-25 : SquirrelMail: Encoded text XSS vulnerability
2004-11-17 00:00:00
ubuntucve
ubuntucve
CVE-2004-1036
2005-03-01 00:00:00
cve
cve
CVE-2004-1036
2005-03-01 05:00:00
openvas
openvas
FreeBSD Ports: ja-squirrelmail
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200411-25 (SquirrelMail)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200411-25 (SquirrelMail)
2008-09-24 00:00:00
gentoo
gentoo
SquirrelMail: Encoded text XSS vulnerability
2004-11-17 00:00:00
redhat
redhat
(RHSA-2004:654) squirrelmail security update
2004-12-23 00:00:00
cvelist
cvelist
CVE-2004-1036
2004-11-16 05:00:00
securityvulns
securityvulns
SquirrelMail Security Advisory
2005-01-30 00:00:00
freebsd
freebsd
squirrelmail -- XSS and remote code injection vulnerabilities
2005-01-29 00:00:00
JSON
Related for REDHAT-RHSA-2004-654.NASL
nessus6ubuntucve1cve1openvas6gentoo1redhat1cvelist1securityvulns1freebsd1