Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.33 views

Scientific Linux Security Update : squirrelmail on SL3.x, SL4.x, SL5.x i386/x86_64

The Red Hat SquirrelMail packages provided by the RHSA-2009:0010 advisory introduced a session handling flaw. Users who logged back into SquirrelMail without restarting their web browsers were assigned fixed session identifiers. A remote attacker could make use of that flaw to hijack user session...

6.5CVSS5.4AI score0.01675EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.26 views

CentOS Update for squirrelmail CESA-2009:0057 centos5 i386

Check for the Version of squirrelmail OpenVAS Vulnerability Test CentOS Update for squirrelmail CESA-2009:0057 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

6.5CVSS0.01675EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2011/08/09 12:0 a.m.26 views

CentOS Update for squirrelmail CESA-2009:0057 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.5CVSS5.2AI score0.01675EPSS
Exploits1References2
seebug.org
seebug.org
added 2009/02/19 12:0 a.m.67 views

SquirrelMail软件包会话处理绕过认证漏洞

BUGTRAQ ID: 33354 CVECAN ID: CVE-2009-0030 SquirrelMail是一款PHP编写的WEBMAIL程序。 Red Hat为CVE-2008-3663所提供的修复导致SquirrelMail对所有的会话都设置了相同的SQMSESSID Cookie值,这允许通过认证的远程用户通过使用标准的webmail.php接口访问其他用户的文件夹列表和配置数据。 SquirrelMail 1.4.8 厂商补丁: RedHat ------ RedHat已经为此发布了一个安全公告(RHSA-2009:0057-01)以及相应补丁:...

6.5CVSS1.5AI score0.02159EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2009/02/05 12:0 a.m.32 views

openSUSE 10 Security Update : squirrelmail (squirrelmail-5978)

This update of squirrelmail corrects a problem introduced by a patch for CVE-2008-3663 that caused cookies to be static. CVE-2009-0030 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

6.5CVSS5.3AI score0.02159EPSS
Exploits2References2
CVE
CVE
added 2009/01/21 8:0 p.m.74 views

CVE-2009-0030

CVE-2009-0030 corresponds to a session cookie handling flaw in SquirrelMail 1.4.8 patched by Red Hat/Miracle Linux advisories. The root cause was an incorrect fix for CVE-2008-3663, causing the SQMSESSID cookie value to be identical across sessions. This enables remote authenticated users to acce...

6.5CVSS7.2AI score0.01675EPSS
Exploits1References9Affected Software1
OpenVAS
OpenVAS
added 2009/01/20 12:0 a.m.20 views

RedHat Security Advisory RHSA-2009:0057

The remote host is missing updates announced in advisory RHSA-2009:0057. SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering with no JavaScript required for maximu...

6.5CVSS7.5AI score0.01675EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/01/20 12:0 a.m.28 views

CentOS Security Advisory CESA-2009:0057 (squirrelmail)

The remote host is missing updates to squirrelmail announced in advisory CESA-2009:0057. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

6.5CVSS7.5AI score0.01675EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2009/01/20 12:0 a.m.36 views

RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:0057)

An updated squirrelmail package that fixes a security issue is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. SquirrelMail is an easy-to-configure, standards-based, webmail package writte...

6.5CVSS7.2AI score0.01855EPSS
Exploits1References5
Rows per page
Query Builder