CVE-2009-1579
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
CVE
CVE-2009-1579
Status
Candidate
Description
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
Severity
Medium
CVSS score
6,8
CVSS vector
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Phase
Assigned (21.08.2010)
NVD:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1579
References
BID :
34916
CONFIRM :
http://squirrelmail.svn.sourceforge.net/viewvc/squ...
CONFIRM :
http://squirrelmail.svn.sourceforge.net/viewvc/squ...
CONFIRM :
http://squirrelmail.svn.sourceforge.net/viewvc/squ...
CONFIRM :
http://www.squirrelmail.org/security/issue/2009-05-10
CONFIRM :
https://bugzilla.redhat.com/show_bug.cgi?id=500360
FEDORA :
FEDORA-2009-4870
FEDORA :
FEDORA-2009-4880
MANDRIVA :
MDVSA-2009:110
SECUNIA :
35052
SECUNIA :
35073
VUPEN :
ADV-2009-1296
XF :
squirrelmail-mapypalias-code-execution(50461)
SecurityVulns:
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Nizhny Novgorod
Enter your search terms
Web
securityvulns.com
Submit search form
test server
