8 matches found
CentOS 3 / 4 : SquirrelMail (CESA-2005:595-02)
An updated squirrelmail package that fixes two security issues is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Updated 04 Aug 2005 The previous SquirrelMail package released with this errata contained a bug which rendered the...
FreeBSD Ports: squirrelmail, ja-squirrelmail
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian Security Advisory DSA 756-1 (squirrelmail)
The remote host is missing an update to squirrelmail announced via advisory DSA 756-1. Several vulnerabilities have been discovered in Squirrelmail, a commonly used webmail system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2005-1769 Martijn Brinkers...
Debian: Security Advisory (DSA-756-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 3 / 4 : SquirrelMail (CESA-2005:595)
An updated squirrelmail package that fixes two security issues is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Updated 04 Aug 2005 The previous SquirrelMail package released with this errata contained a bug which rendered the...
Fedora Core 3 : squirrelmail-1.4.6-0.cvs20050812.1.fc3 (2005-779)
It probably is not a good idea to push a CVS snapshot here, but upstream screwed up their 1.4.5 release and CVS contains further fixes like PHP5 related stuff that might make squirrelmail usable on FC4. This snapshot worked on my personal server for the past week, so hopefully it will be good for...
Fedora Core 4 : squirrelmail-1.4.6-0.cvs20050812.1.fc4 (2005-780)
It probably is not a good idea to push a CVS snapshot here, but upstream screwed up their 1.4.5 release and CVS contains further fixes like PHP5 related stuff that might make squirrelmail usable on FC4. This snapshot worked on my personal server for the past week, so hopefully it will be good for...
CVE-2005-1769
CVE-2005-1769 concerns multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail versions 1.4.0–1.4.4. The issues allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors in the URL or in an e-mail message. The weaknesses have a CVSS v2 base score of 4.3 ...