17 matches found
Mageia: Security Advisory (MGASA-2013-0325)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201402-15
Gentoo Linux Local Security Checks GLSA 201402-15 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
openSUSE Security Update : roundcubemail (openSUSE-SU-2014:0365-1)
roundcubemail was updated to 0.9.5 to fix bugs and security issues. Fixed security issues : - CVE-2013-6172: vulnerability in handling session argument of utils/save-prefs New upstream release 0.9.5 bnc847179 CVE-2013-6172 - Fix failing vCard import when email address field contains spaces - Fix...
Updated roundcubemail package fixes security vulnerability
It was discovered that roundcube does not properly sanitize the session parameter in steps/utils/savepref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently allowing random file access, manipulated SQL queries and even code...
[BSA-085] Security Update for roundcube
Package : roundcube Vulnerability : design error Problem type : remote Debian-specific: no CVE ID : CVE-2013-6172 Debian Bug : 727668 It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize the session parameter in...
Fedora 20 : roundcubemail-0.9.5-1.fc20 (2013-19699)
Roundcubemail just released new 0.9.5 version with fixes for VCE2013-6172will be available soon. Hotfix: https://github.com/roundcube/roundcubemail/commit/4109bb26ce.diff Full announcement : Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
Fedora Update for roundcubemail FEDORA-2013-19745
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-6172
steps/utils/savepref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code...
CVE-2013-6172
steps/utils/savepref.inc in Roundcube webmail before 0.8.7 and 0.9.x before 0.9.5 allows remote attackers to modify configuration settings via the session parameter, which can be leveraged to read arbitrary files, conduct SQL injection attacks, and execute arbitrary code...
CVE-2013-6172
CVE-2013-6172 affects Roundcube Webmail prior to 0.9.5 and 0.8.7. The vulnerability is in steps/utils/save_pref.inc and allows remote attackers to modify configuration settings via the _session parameter, enabling reading arbitrary files, SQL injection, and arbitrary code execution. The open advi...
Mandriva Linux Security Advisory : roundcubemail (MDVSA-2013:263)
A vulnerability has been discovered and corrected in roundcubemail : It was discovered that roundcube does not properly sanitize the session parameter in steps/utils/savepref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently...
Fedora Update for roundcubemail FEDORA-2013-19729
Check for the Version of roundcubemail OpenVAS Vulnerability Test Fedora Update for roundcubemail FEDORA-2013-19729 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for roundcubemail FEDORA-2013-19729
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 2787-1] roundcube security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2787-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 27, 2013 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2787-1] roundcube security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2787-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso October 27, 2013 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 2787-1 (roundcube - design error)
It was discovered that roundcube, a skinnable AJAX based webmail solution for IMAP servers, does not properly sanitize the session parameter in steps/utils/savepref.inc during saving preferences. The vulnerability can be exploited to overwrite configuration settings and subsequently allowing rand...
Fedora 19 : roundcubemail-0.9.5-1.fc19 (2013-19729)
Roundcubemail just released new 0.9.5 version with fixes for VCE2013-6172will be available soon. Hotfix: https://github.com/roundcube/roundcubemail/commit/4109bb26ce.diff Full announcement : Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...