5 matches found
CVE-2007-3635
Multiple unspecified vulnerabilities in the G/PGP GPG Plugin before 2.1 for Squirrelmail might allow "local authenticated users" to inject certain commands via unspecified vectors. NOTE: this might overlap CVE-2005-1924, CVE-2006-4169, or CVE-2007-3634...
Gentoo Security Advisory GLSA 200708-08 (squirrelmail)
The remote host is missing updates announced in advisory GLSA 200708-08. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
CVE-2005-1924
The CVE-2005-1924 issue affects the G/PGP plugin for SquirrelMail (2.1 and earlier). It allows an authenticated remote user to execute arbitrary commands by injecting shell metacharacters in the fpr parameter to deleteKey (via gpg_keyring.php called by import_key_file.php, import_key_text.php, an...
iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability
SquirrelMail G/PGP Plugin gpgrecvkey Command Injection Vulnerability iDefense Security Advisory 07.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 11, 2007 I. BACKGROUND The SquirrelMail G/PGP Encrpytion Plugin is a general purpose encryption, decryption, and digital signature...
iDefense Security Advisory 07.11.07: SquirrelMail G/PGP Plugin deleteKey() Command Injection Vulnerability
SquirrelMail G/PGP Plugin deleteKey Command Injection Vulnerability iDefense Security Advisory 07.11.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 11, 2007 I. BACKGROUND The SquirrelMail G/PGP Encrpytion Plugin is a general purpose encryption, decryption, and digital signature...