FreeBSD : squirrelmail -- XSS and remote code injection vulnerabilities (79630c0c-8dcc-45d0-9908-4087fe1d618c)

high Nessus Plugin ID 18992

Synopsis

The remote FreeBSD host is missing one or more security-related updates.

Description

A SquirrelMail Security Advisory reports :

SquirrelMail 1.4.4 has been released to resolve a number of security issues disclosed below. It is strongly recommended that all running SquirrelMail prior to 1.4.4 upgrade to the latest release. Remote File Inclusion Manoel Zaninetti reported an issue in src/webmail.php which would allow a crafted URL to include a remote web page. This was assigned CAN-2005-0103 by the Common Vulnerabilities and Exposures.
Cross Site Scripting Issues A possible cross site scripting issue exists in src/webmail.php that is only accessible when the PHP installation is running with register_globals set to On. This issue was uncovered internally by the SquirrelMail Development team. This isssue was assigned CAN-2005-0104 by the Common Vulnerabilities and Exposures.

A second issue which was resolved in the 1.4.4-rc1 release was uncovered and assigned CAN-2004-1036 by the Common Vulnerabilities and Exposures. This issue could allow a remote user to send a specially crafted header and cause execution of script (such as JavaScript) in the client browser. Local File Inclusion A possible local file inclusion issue was uncovered by one of our developers involving custom preference handlers. This issue is only active if the PHP installation is running with register_globals set to On.

Solution

Update the affected packages.

See Also

https://marc.info/?l=bugtraq&m=110702772714662

http://www.squirrelmail.org/security/issue/2005-01-14

http://www.squirrelmail.org/security/issue/2005-01-19

http://www.squirrelmail.org/security/issue/2005-01-20

http://www.nessus.org/u?40a1fb6e

Plugin Details

Severity: High

ID: 18992

File Name: freebsd_pkg_79630c0c8dcc45d099084087fe1d618c.nasl

Version: 1.20

Type: local

Published: 7/13/2005

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:freebsd:freebsd, p-cpe:/a:freebsd:freebsd:squirrelmail, p-cpe:/a:freebsd:freebsd:ja-squirrelmail

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 6/1/2005

Vulnerability Publication Date: 1/29/2005

Reference Information

CVE: CVE-2004-1036, CVE-2005-0075, CVE-2005-0103, CVE-2005-0104