24 matches found
Oracle Linux 5 : squirrelmail (ELSA-2009-0010)
The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2009-0010 advisory. - Resolves: CVE-2008-2379 - Resolves: CVE-2008-3663, 468398 Tenable has extracted the preceding description block directly from the Oracle Linux securi...
Oracle Linux 5 : squirrelmail (ELSA-2009-0057)
The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2009-0057 advisory. 1.4.8-5.0.1.el52.3 - Remove Redhat splash screen images 1.4.8-5.3 - Update patch for CVE-2008-3663 to fix a session handling regression 480224 Tenable...
CentOS Update for squirrelmail CESA-2009:0010 centos4 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Core 9 FEDORA-2009-5471 (squirrelmail)
The remote host is missing an update to squirrelmail announced via advisory FEDORA-2009-5471. OpenVAS Vulnerability Test $Id: fcore20095471.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-5471 squirrelmail Authors: Thomas Reinke Copyright: Copyright...
Fedora Core 9 FEDORA-2009-5471 (squirrelmail)
The remote host is missing an update to squirrelmail announced via advisory FEDORA-2009-5471. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...
Fedora 9 : squirrelmail-1.4.19-1.fc9 (2009-5471)
Fri May 22 2009 Michal Hlavinka - 1.4.19-1 - updated to 1.4.19 - fixes CVE-2009-1579, CVE-2009-1580, CVE-2009-1581 - Tue May 19 2009 Michal Hlavinka - 1.4.18-2 - fix undefined variable aSpamIds 501260 - Tue May 12 2009 Michal Hlavinka - 1.4.18-1 - update to 1.4.18 fixes CVE-2009-1581 - Thu Dec 4...
Fedora Core 9 FEDORA-2009-4870 (squirrelmail)
The remote host is missing an update to squirrelmail announced via advisory FEDORA-2009-4870. OpenVAS Vulnerability Test $Id: fcore20094870.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-4870 squirrelmail Authors: Thomas Reinke Copyright: Copyright...
Fedora Core 9 FEDORA-2009-4870 (squirrelmail)
The remote host is missing an update to squirrelmail announced via advisory FEDORA-2009-4870. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...
Fedora 9 : squirrelmail-1.4.18-1.fc9 (2009-4870)
Tue May 12 2009 Michal Hlavinka - 1.4.18-1 - update to 1.4.18 fixes CVE-2009-1581 - Thu Dec 4 2008 Michal Hlavinka - 1.4.17-1 - update to 1.4.17 fixes CVE-2008-2379 - Wed Oct 1 2008 Michal Hlavinka - 1.4.16-1 - update to 1.4.16 - resolves: 464185: CVE-2008-3663 Squirrelmail session hijacking Note...
Fedora Update for squirrelmail FEDORA-2008-9071
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for squirrelmail FEDORA-2008-9071
Check for the Version of squirrelmail OpenVAS Vulnerability Test Fedora Update for squirrelmail FEDORA-2008-9071 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for squirrelmail FEDORA-2008-8559
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for squirrelmail FEDORA-2008-10740
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SquirrelMail HTTPS Session Cookie Secure Flag Weakness
The version of SquirrelMail installed on the remote host does not set the 'secure' flag for session cookies established when communicating over SSL / TLS. This could lead to disclosure of those cookies if a user issues a request to a host in the same domain over HTTP as opposed to HTTPS...
openSUSE 10 Security Update : squirrelmail (squirrelmail-5978)
This update of squirrelmail corrects a problem introduced by a patch for CVE-2008-3663 that caused cookies to be static. CVE-2009-0030 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Design/Logic Flaw
A certain Red Hat patch for SquirrelMail 1.4.8 sets the same SQMSESSID cookie value for all sessions, which allows remote authenticated users to access other users' folder lists and configuration data in opportunistic circumstances by using the standard webmail.php interface. NOTE: this...
CVE-2009-0030
CVE-2009-0030 corresponds to a session cookie handling flaw in SquirrelMail 1.4.8 patched by Red Hat/Miracle Linux advisories. The root cause was an incorrect fix for CVE-2008-3663, causing the SQMSESSID cookie value to be identical across sessions. This enables remote authenticated users to acce...
squirrelmail security update
1.4.8-5.0.1.el52.3 - Remove Redhat splash screen images 1.4.8-5.3 - Update patch for CVE-2008-3663 to fix a session handling regression 480224...
CentOS Security Advisory CESA-2009:0010 (squirrelmail)
The remote host is missing updates to squirrelmail announced in advisory CESA-2009:0010. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
squirrelmail security update
1.4.8-5.0.1.el52.2 - Remove Redhat splash screen images 1.4.8-5.2 - Resolves: CVE-2008-2379 - fix XSS issue caused by an insufficient html mail sanitation 1.4.8-5.1 - don't transmit cookies under non-SSL connections if the session is started under an SSL https connection - Resolves: CVE-2008-3663...