Computer Security
[EN] securityvulns.ru
From:Tom McAdam <tomc_(at)_future-i.com>
Date:25.01.2002
Subject:Vulnerabilities in squirrelmail


Multiple security vulnerabilities exist in SquirrelMail < v 1.2.3 that
allow malicious HTML messages to:

* send messages appearing to come from the user
* run arbitrary javascript

Description
-----------
The compose.php script allows parameters to be passed as GETs.  Therefore
including the following in an HTML mail will send a message to x@y.com:

<img src="compose.php?send_to=x@y.com&subject=foo&bar=bar&send=1">

The read_body.php script does not check HTML tags for javascript.  A
trivial example:

<img src="javascript:alert('Oh dear')">


Resolution
----------
Upgrade to version 1.2.3 of SquirrelMail


Acknowledgements
----------------
Thanks to Philippe Mingo for fixing this bug
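As an added example (not code from the post above or from SquirrelMail, which is written in PHP), the two server-side checks that close the holes the advisory describes, written in Python so they can be run against the two payloads quoted in it: an allow-list on the URL scheme of every src/href in a displayed message body, which is what read_body.php lacked, and a POST-plus-token requirement on the send action of compose.php, which a GET issued by an <img> in a mail body cannot satisfy. The function names, the token parameter, and the scheme and tag lists are assumptions of this example, not SquirrelMail's.

```python
"""Added example, not code from the original post or from SquirrelMail:
server-side checks closing the two holes described in the advisory.
Function and parameter names are hypothetical."""
import hmac
import html
import re
from html.parser import HTMLParser

# Assumed policy: schemes a webmail client may let the browser dereference.
SAFE_SCHEMES = {"http", "https", "mailto", "cid"}
URL_ATTRS = {"src", "href", "background", "action"}
DROP_TAGS = {"script", "style", "object", "embed", "iframe", "meta", "link"}


def url_is_safe(value: str) -> bool:
    """Allow-list the scheme of an href/src attribute value.

    Entities are decoded and control/whitespace characters removed before
    the scheme is read, because browsers ignore them: 'java&#x09;script:'
    and 'JAVA\\nSCRIPT:' both execute. A value without a scheme is a
    relative URL and is left alone; the forged-send bug is handled on the
    receiving side (compose_send_allowed), not by this filter.
    """
    cleaned = re.sub(r"[\x00-\x20\x7f]", "", html.unescape(value))
    m = re.match(r"^([a-zA-Z][a-zA-Z0-9+.-]*):", cleaned)
    return m is None or m.group(1).lower() in SAFE_SCHEMES


class MailBodyFilter(HTMLParser):
    """Rebuilds an HTML mail body with script-bearing content removed."""

    def __init__(self):
        super().__init__()
        self.out, self.dropped = [], 0
        self.skip, self.depth = None, 0   # tag whose content is being discarded

    def handle_starttag(self, tag, attrs, selfclose=False):
        if self.skip:
            if tag == self.skip:
                self.depth += 1
            return
        if tag in DROP_TAGS:
            self.skip, self.depth, self.dropped = tag, 1, self.dropped + 1
            return
        kept = []
        for name, value in attrs:
            name, value = name.lower(), value or ""
            # onerror=, onload=, ... and javascript:/data: URLs are removed
            if name.startswith("on") or (name in URL_ATTRS and not url_is_safe(value)):
                self.dropped += 1
                continue
            kept.append(f' {name}="{html.escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}{' /' if selfclose else ''}>")

    def handle_startendtag(self, tag, attrs):
        if tag in DROP_TAGS:
            if not self.skip:
                self.dropped += 1
            return
        self.handle_starttag(tag, attrs, selfclose=True)

    def handle_endtag(self, tag):
        if self.skip:
            if tag == self.skip:
                self.depth -= 1
                if self.depth == 0:
                    self.skip = None
            return
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(html.escape(data, quote=False))


def sanitize_mail_body(body: str) -> tuple:
    """Return (filtered_html, number_of_items_removed)."""
    f = MailBodyFilter()
    f.feed(body)
    f.close()
    return "".join(f.out), f.dropped


def compose_send_allowed(method: str, params: dict, session_token: str) -> bool:
    """Honour a send only from a POST carrying the session's CSRF token.

    A hidden <img src="compose.php?...&send=1"> in a mail body can only
    issue a GET without the token, so the forged send is refused, while
    merely opening the compose form (no 'send' parameter) stays allowed.
    """
    if "send" not in params:
        return True
    if method.upper() != "POST":
        return False
    return hmac.compare_digest(params.get("token", ""), session_token)


if __name__ == "__main__":
    # Constructed inputs: the two payloads quoted in the advisory.
    xss = "<img src=\"javascript:alert('Oh dear')\">"
    csrf_url = "compose.php?send_to=x@y.com&subject=foo&bar=bar&send=1"
    print(sanitize_mail_body(xss))                                   # ('<img>', 1)
    print(url_is_safe(csrf_url))                                     # True
    print(compose_send_allowed("GET", {"send_to": "x@y.com", "send": "1"}, "s3cret"))  # False
```

The scheme filter deliberately lets the compose.php URL through: it has no scheme, and an absolute http URL pointing at the same webmail host would trigger the send just as well, so the forged send has to be refused by compose.php itself rather than by the message renderer.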

© SecurityVulns, 3APA3A, Vladimir Dubrovin