6 matches found
Moderate: Red Hat Security Advisory: squirrelmail security update
An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner...
RHEL 3 : squirrelmail (RHSA-2005:135)
An updated Squirrelmail package that fixes several security issues is now available for Red Hat Enterprise Linux 3. SquirrelMail is a standards-based webmail package written in PHP4. Jimmy Conner discovered a missing variable initialization in Squirrelmail. This flaw could allow potential insecur...
squirrelmail -- XSS and remote code injection vulnerabilities
A SquirrelMail Security Advisory reports: SquirrelMail 1.4.4 has been released to resolve a number of security issues disclosed below. It is strongly recommended that all running SquirrelMail prior to 1.4.4 upgrade to the latest release. Remote File Inclusion Manoel Zaninetti reported an issue in...
Moderate: Red Hat Security Advisory: squirrelmail security update
An updated SquirrelMail package that fixes a cross-site scripting vulnerability is now available. SquirrelMail is a webmail package written in PHP. A cross-site scripting bug has been found in SquirrelMail. This issue could allow an attacker to send a mail with a carefully crafted header, which...
Debian DSA-220-1 : squirrelmail - XSS
A cross site scripting vulnerability has been discovered in squirrelmail, a feature-rich webmail package written in PHP4. Squirrelmail doesn't sanitize user provided variables in all places, leaving it vulnerable to a cross site scripting attack. %NASLMINLEVEL 70300 C Tenable Network Security, In...
[SECURITY] [DSA 191-2] New squirrelmail packages fix problem in options page
-------------------------------------------------------------------------- Debian Security Advisory DSA 191-2 [email protected] http://www.debian.org/security/ Martin Schulze November 7th, 2002 http://www.debian.org/security/faq -...