Download
| Alert*
oval:org.secpod.oval:def:202170
SquirrelMail is a standards-based webmail package written in PHP. A server-side code injection flaw was found in the SquirrelMail "map_yp_alias" function. If SquirrelMail was configured to retrieve a user"s IMAP server address from a Network Information Service server via the "map_yp ... oval:org.secpod.oval:def:601436 squirrelmail is installed oval:org.secpod.oval:def:600607 Various vulnerabilities have been found in SquirrelMail, a webmail application. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2010-4554 SquirrelMail did not prevent page rendering inside a third-party HTML frame, which makes it easier for remote attac ... oval:org.secpod.oval:def:70302 squirrelmail: Webmail for nuts SquirrelMail could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:203153 squirrelmail is installed oval:org.secpod.oval:def:202182 SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering for maximum browser-compatibility, strong MIME support, address books, and folder manipulation. Ivan Markovic dis ... oval:org.secpod.oval:def:202188 SquirrelMail is a standards-based webmail package written in PHP. A server-side code injection flaw was found in the SquirrelMail "map_yp_alias" function. If SquirrelMail was configured to retrieve a user"s IMAP server address from a Network Information Service server via the "map_yp ... oval:org.secpod.oval:def:202201 SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering for maximum browser-compatibility, strong MIME support, address books, and folder manipulation. Ivan Markovic dis ... oval:org.secpod.oval:def:602876 Dawid Golunski and Filippo Cavallarin discovered that squirrelmail, a webmail application, incorrectly handled a user-supplied value. This would allow a logged-in user to run arbitrary commands on the server. oval:org.secpod.oval:def:112434 SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. oval:org.secpod.oval:def:112436 SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. oval:org.secpod.oval:def:500545 SquirrelMail is a standards-based webmail package written in PHP. A server-side code injection flaw was found in the SquirrelMail "map_yp_alias" function. If SquirrelMail was configured to retrieve a user"s IMAP server address from a Network Information Service server via the "map_yp ... oval:org.secpod.oval:def:500624 SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering for maximum browser-compatibility, strong MIME support, address books, and folder manipulation. Ivan Markovic dis ... oval:org.secpod.oval:def:500548 SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering for maximum browser-compatibility, strong MIME support, address books, and folder manipulation. The Red Hat Squir ... oval:org.secpod.oval:def:201964 SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering for maximum browser-compatibility, strong MIME support, address books, and folder manipulation. The Red Hat Squir ... oval:org.secpod.oval:def:201976 SquirrelMail is an easy-to-configure, standards-based, webmail package written in PHP. It includes built-in PHP support for the IMAP and SMTP protocols, and pure HTML 4.0 page-rendering for maximum browser-compatibility, strong MIME support, address books, and folder manipulation. The Red Hat Squir ... oval:org.secpod.oval:def:603356 Florian Grunow und Birk Kauer of ERNW discovered a path traversal vulnerability in SquirrelMail, a webmail application, allowing an authenticated remote attacker to retrieve or delete arbitrary files via mail attachment. oval:org.secpod.oval:def:500655 SquirrelMail is a standards-based webmail package written in PHP. Form submissions in SquirrelMail did not implement protection against Cross-Site Request Forgery attacks. If a remote attacker tricked a user into visiting a malicious web page, the attacker could hijack that user"s authentication, i ... oval:org.secpod.oval:def:1500104 An updated squirrelmail package that fixes one security issue and severalbugs is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having lowsecurity impact. A Common Vulnerability Scoring System base score,which gives a detailed severity rati ... oval:org.secpod.oval:def:202522 SquirrelMail is a standards-based webmail package written in PHP. The SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum text stated, correct the CVE-2010-2813 issue, a flaw in the way SquirrelMail handled failed log in attempts. A user preference file was created when attemptin ... oval:org.secpod.oval:def:500943 SquirrelMail is a standards-based webmail package written in PHP. The SquirrelMail security update RHSA-2012:0103 did not, unlike the erratum text stated, correct the CVE-2010-2813 issue, a flaw in the way SquirrelMail handled failed log in attempts. A user preference file was created when attemptin ... oval:org.secpod.oval:def:705802 squirrelmail: Webmail for nuts SquirrelMail could be made to crash if it received specially crafted input. oval:org.secpod.oval:def:202233 SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that ... oval:org.secpod.oval:def:500729 SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that ... |