SquirrelMail Three Vulnerabilities
http://secunia.com/advisories/13962/

Description:
Three vulnerabilities have been reported in SquirrelMail, which can be exploited by malicious people to gain knowledge of sensitive information or conduct cross-site scripting attacks.

1) Insufficient sanitation of integer variables in webmail.php can be exploited to include arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site.

The vulnerability affects versions 1.4.0-RC1 through 1.4.4-RC1.

2) Insufficient validation of incoming URL vars in webmail.php can be exploited to include arbitrary web pages in the SquirrelMail frameset.

The vulnerability affects versions 1.4.0-RC1 through 1.4.4-RC1.

3) An error in prefs.php can be exploited to include arbitrary code from local resources via a specially crafted URL.

Successful exploitation requires that register_globals is set to "On".

The vulnerability affects versions 1.4.3-RC1 through 1.4.4-RC1.

Solution:
Update to version 1.4.4.
http://www.squirrelmail.org/download.php

Provided and/or discovered by:
1) Reported by vendor.
2) Manoel Zaninetti
3) Jimmy Conner

Original Advisory:
http://www.squirrelmail.org/security/issue/2005-01-20
http://www.squirrelmail.org/security/issue/2005-01-19
http://www.squirrelmail.org/security/issue/2005-01-14
I have updated my HOW-TO on upgrading to SquirrelMail 1.4.4:

HOW-TO: Upgrade to SquirrelMail 1.4.4 on cPanel
http://www.unofficial-support.com/article/...rrelmail_cpanel
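For readers hardening their own installs, here is an added PHP illustration (not SquirrelMail's code, and not taken from the advisory) of the defensive patterns that address the three classes of issue above: integer parameters validated with a range, frameset targets restricted to an allowlist, and a refusal to run when register_globals is on. The parameter names and the allowed page list are assumptions.

```php
<?php
// Added example, not SquirrelMail's own code. Parameter names and
// the allowed page list below are assumptions for illustration.

// Issue 3: the prefs.php include bug only mattered with register_globals=On.
// Detect that setting and refuse to continue rather than trusting globals.
function registerGlobalsEnabled(): bool {
    $v = strtolower((string) ini_get('register_globals'));
    return in_array($v, ['1', 'on', 'true', 'yes'], true);
}

// Issue 1: integer variables interpolated into HTML without validation.
// Accept only a well-formed integer in a sane range; otherwise use a default.
function readIntParam(array $src, string $name, int $default, int $min, int $max): int {
    if (!isset($src[$name])) {
        return $default;
    }
    $v = filter_var($src[$name], FILTER_VALIDATE_INT,
        ['options' => ['min_range' => $min, 'max_range' => $max]]);
    return $v === false ? $default : $v;
}

// Issue 2: URL variables chose which page loads inside the frameset.
// Allow only names from a fixed list of application pages (assumed names).
function readFrameTarget(array $src, string $name, string $default): string {
    $allowed = ['left_main.php', 'right_main.php', 'read_body.php'];
    $v = isset($src[$name]) ? (string) $src[$name] : $default;
    return in_array($v, $allowed, true) ? $v : $default;
}

// Anything echoed into markup is escaped, even after validation.
function frameAttr(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

if (registerGlobalsEnabled()) {
    http_response_code(500);
    exit('Refusing to run with register_globals enabled.');
}

// Hypothetical parameter names standing in for the frameset variables.
$width  = readIntParam($_GET, 'right_frame_width', 200, 50, 800);
$target = readFrameTarget($_GET, 'right_frame', 'right_main.php');

echo '<frameset cols="' . $width . ',*">';
echo '<frame src="' . frameAttr($target) . '" name="right">';
echo '</frameset>';
```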