2 matches found
Debian Security Advisory DSA 1154-1 (squirrelmail)
The remote host is missing an update to squirrelmail announced via advisory DSA 1154-1. James Bercegay of GulfTech Security Research disovered a vulnerability in SquirrelMail where an authenticated user could overwrite random variables in the compose script. This might be exploited to read or wri...
Debian DSA-1154-1 : squirrelmail - variable overwriting
James Bercegay of GulfTech Security Research discovered a vulnerability in SquirrelMail where an authenticated user could overwrite random variables in the compose script. This might be exploited to read or write the preferences or attachment files of other users. %NASLMINLEVEL 70300 C Tenable...