Lucene search
Copyright (C) 2009 E-Soft Inc.OPENVAS:136141256231064694HistorySep 02, 2009 - 12:00 a.m.
Mandrake Security Advisory MDVSA-2009:222 (squirrelmail)
2009-09-0200:00:00
Copyright (C) 2009 E-Soft Inc.
plugins.openvas.org
14
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
High
EPSS
0.004
Percentile
73.7%
The remote host is missing an update to squirrelmail
announced via advisory MDVSA-2009:222.
# SPDX-FileCopyrightText: 2009 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.64694");
script_version("2023-07-19T05:05:15+0000");
script_tag(name:"last_modification", value:"2023-07-19 05:05:15 +0000 (Wed, 19 Jul 2023)");
script_tag(name:"creation_date", value:"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)");
script_cve_id("CVE-2009-2964");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_name("Mandrake Security Advisory MDVSA-2009:222 (squirrelmail)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 E-Soft Inc.");
script_family("Mandrake Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/mandriva_mandrake_linux", "ssh/login/rpms", re:"ssh/login/release=MNDK_(4\.0|mes5)");
script_tag(name:"insight", value:"A vulnerability has been found and corrected in squirrelmail:
All form submissions (send message, change preferences, etc.) in
SquirrelMail were previously subject to cross-site request forgery
(CSRF), wherein data could be sent to them from an offsite location,
which could allow an attacker to inject malicious content into
user preferences or possibly send emails without user consent
(CVE-2009-2964).
This update provides a solution to this vulnerability.
Affected: Corporate 4.0, Enterprise Server 5.0");
script_tag(name:"solution", value:"To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.");
script_xref(name:"URL", value:"https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:222");
script_tag(name:"summary", value:"The remote host is missing an update to squirrelmail
announced via advisory MDVSA-2009:222.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
res = "";
report = "";
if ((res = isrpmvuln(pkg:"squirrelmail", rpm:"squirrelmail~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ar", rpm:"squirrelmail-ar~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-bg", rpm:"squirrelmail-bg~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-bn", rpm:"squirrelmail-bn~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ca", rpm:"squirrelmail-ca~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-cs", rpm:"squirrelmail-cs~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-cy", rpm:"squirrelmail-cy~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-cyrus", rpm:"squirrelmail-cyrus~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-da", rpm:"squirrelmail-da~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-de", rpm:"squirrelmail-de~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-el", rpm:"squirrelmail-el~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-en", rpm:"squirrelmail-en~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-es", rpm:"squirrelmail-es~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-et", rpm:"squirrelmail-et~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-eu", rpm:"squirrelmail-eu~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-fa", rpm:"squirrelmail-fa~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-fi", rpm:"squirrelmail-fi~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-fo", rpm:"squirrelmail-fo~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-fr", rpm:"squirrelmail-fr~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-fy", rpm:"squirrelmail-fy~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-he", rpm:"squirrelmail-he~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-hr", rpm:"squirrelmail-hr~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-hu", rpm:"squirrelmail-hu~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-id", rpm:"squirrelmail-id~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-is", rpm:"squirrelmail-is~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-it", rpm:"squirrelmail-it~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ja", rpm:"squirrelmail-ja~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ka", rpm:"squirrelmail-ka~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ko", rpm:"squirrelmail-ko~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-lt", rpm:"squirrelmail-lt~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ms", rpm:"squirrelmail-ms~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-nb", rpm:"squirrelmail-nb~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-nl", rpm:"squirrelmail-nl~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-nn", rpm:"squirrelmail-nn~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-pl", rpm:"squirrelmail-pl~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-poutils", rpm:"squirrelmail-poutils~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-pt", rpm:"squirrelmail-pt~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ro", rpm:"squirrelmail-ro~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ru", rpm:"squirrelmail-ru~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-sk", rpm:"squirrelmail-sk~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-sl", rpm:"squirrelmail-sl~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-sr", rpm:"squirrelmail-sr~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-sv", rpm:"squirrelmail-sv~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-th", rpm:"squirrelmail-th~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-tr", rpm:"squirrelmail-tr~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ug", rpm:"squirrelmail-ug~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-uk", rpm:"squirrelmail-uk~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-vi", rpm:"squirrelmail-vi~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-zh_CN", rpm:"squirrelmail-zh_CN~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-zh_TW", rpm:"squirrelmail-zh_TW~1.4.19~0.2.20060mlcs4", rls:"MNDK_4.0")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail", rpm:"squirrelmail~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ar", rpm:"squirrelmail-ar~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-bg", rpm:"squirrelmail-bg~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-bn", rpm:"squirrelmail-bn~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ca", rpm:"squirrelmail-ca~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-cs", rpm:"squirrelmail-cs~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-cy", rpm:"squirrelmail-cy~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-cyrus", rpm:"squirrelmail-cyrus~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-da", rpm:"squirrelmail-da~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-de", rpm:"squirrelmail-de~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-el", rpm:"squirrelmail-el~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-en", rpm:"squirrelmail-en~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-es", rpm:"squirrelmail-es~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-et", rpm:"squirrelmail-et~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-eu", rpm:"squirrelmail-eu~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-fa", rpm:"squirrelmail-fa~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-fi", rpm:"squirrelmail-fi~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-fo", rpm:"squirrelmail-fo~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-fr", rpm:"squirrelmail-fr~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-fy", rpm:"squirrelmail-fy~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-he", rpm:"squirrelmail-he~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-hr", rpm:"squirrelmail-hr~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-hu", rpm:"squirrelmail-hu~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-id", rpm:"squirrelmail-id~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-is", rpm:"squirrelmail-is~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-it", rpm:"squirrelmail-it~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ja", rpm:"squirrelmail-ja~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ka", rpm:"squirrelmail-ka~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ko", rpm:"squirrelmail-ko~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-lt", rpm:"squirrelmail-lt~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ms", rpm:"squirrelmail-ms~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-nb", rpm:"squirrelmail-nb~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-nl", rpm:"squirrelmail-nl~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-nn", rpm:"squirrelmail-nn~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-pl", rpm:"squirrelmail-pl~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-poutils", rpm:"squirrelmail-poutils~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-pt", rpm:"squirrelmail-pt~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ro", rpm:"squirrelmail-ro~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ru", rpm:"squirrelmail-ru~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-sk", rpm:"squirrelmail-sk~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-sl", rpm:"squirrelmail-sl~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-sr", rpm:"squirrelmail-sr~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-sv", rpm:"squirrelmail-sv~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-th", rpm:"squirrelmail-th~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-tr", rpm:"squirrelmail-tr~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-ug", rpm:"squirrelmail-ug~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-uk", rpm:"squirrelmail-uk~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-vi", rpm:"squirrelmail-vi~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-zh_CN", rpm:"squirrelmail-zh_CN~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if ((res = isrpmvuln(pkg:"squirrelmail-zh_TW", rpm:"squirrelmail-zh_TW~1.4.19~2.2mdvmes5", rls:"MNDK_mes5")) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99);
}
Related
openvas
openvas
SquirrelMail Multiple CSRF Vulnerabilities
2009-08-28 00:00:00
Mandrake Security Advisory MDVSA-2009:222 (squirrelmail)
2009-09-02 00:00:00
RedHat Security Advisory RHSA-2009:1490
2009-10-13 00:00:00
nessus
nessus
Scientific Linux Security Update : squirrelmail on SL3.x, SL4.x, SL5.x i386/x86_64
2012-08-01 00:00:00
RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:1490)
2009-10-09 00:00:00
CentOS 3 / 4 : squirrelmail (CESA-2009:1490)
2009-10-09 00:00:00
seebug
seebug
SquirrelMailε€δΈͺ葨εθ·¨η«θ―·ζ±δΌͺι ζΌζ΄
2009-08-28 00:00:00
ubuntucve
ubuntucve
CVE-2009-2964
2009-08-25 00:00:00
redhat
redhat
(RHSA-2009:1490) Moderate: squirrelmail security update
2009-10-08 00:00:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2009-08-31 00:00:00
[ MDVSA-2009:222 ] squirrelmail
2009-08-31 00:00:00
centos
centos
squirrelmail security update
2009-10-08 20:55:32
veracode
veracode
Cross-site Request Forgery (CSRF)
2020-04-10 00:39:18
cvelist
cvelist
CVE-2009-2964
2009-08-25 17:00:00
oraclelinux
oraclelinux
squirrelmail security update
2009-10-08 00:00:00
jvn
jvn
JVN#30881447: SquirrelMail vulnerable to cross-site request forgery
2011-01-07 00:00:00
prion
prion
Cross site request forgery (csrf)
2009-08-25 17:30:00
cve
cve
CVE-2009-2964
2009-08-25 17:30:01
nvd
nvd
CVE-2009-2964
2009-08-25 17:30:01
debian
debian
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
High
EPSS
0.004
Percentile
73.7%
Related for OPENVAS:136141256231064694