The map_yp_alias function in SquirrelMail and NaSMail allows remote command execution via shell metacharacters in a username strin
Reporter | Title | Published | Views | Family All 76 |
---|---|---|---|---|
Prion | Design/Logic Flaw | 14 May 200917:30 | – | prion |
Prion | Code injection | 22 May 200920:30 | – | prion |
Tenable Nessus | SquirrelMail map_yp_alias Username Mapping Alias Arbitrary Code Execution | 15 May 200900:00 | – | nessus |
Tenable Nessus | Scientific Linux Security Update : squirrelmail on SL3.x, SL4.x, SL5.x i386/x86_64 | 1 Aug 201200:00 | – | nessus |
Tenable Nessus | Oracle Linux 5 : squirrelmail (ELSA-2009-1066) | 12 Jul 201300:00 | – | nessus |
Tenable Nessus | Fedora 10 : squirrelmail-1.4.18-1.fc10 (2009-4880) | 13 May 200900:00 | – | nessus |
Tenable Nessus | openSUSE 10 Security Update : squirrelmail (squirrelmail-6242) | 14 May 200900:00 | – | nessus |
Tenable Nessus | CentOS 3 / 5 : squirrelmail (CESA-2009:1066) | 28 May 200900:00 | – | nessus |
Tenable Nessus | RHEL 3 / 4 / 5 : squirrelmail (RHSA-2009:1066) | 27 May 200900:00 | – | nessus |
Tenable Nessus | Fedora 11 : squirrelmail-1.4.18-1.fc11 (2009-4875) | 13 May 200900:00 | – | nessus |
Source | Link |
---|---|
cve | www.cve.org/CVERecord |
nvd | www.nvd.nist.gov/vuln/detail/CVE-2009-1579 |
launchpad | www.launchpad.net/bugs/cve/CVE-2009-1579 |
security-tracker | www.security-tracker.debian.org/tracker/CVE-2009-1579 |
OS | OS Version | Architecture | Package | Package Version | Filename |
---|---|---|---|---|---|
ubuntu | 8.04 | noarch | squirrelmail | 2:1.4.13-2ubuntu1.3 | UNKNOWN |
ubuntu | 8.10 | noarch | squirrelmail | 2:1.4.15-3ubuntu0.2 | UNKNOWN |
ubuntu | 9.04 | noarch | squirrelmail | 2:1.4.15-4ubuntu0.1 | UNKNOWN |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo