SquirrelMail Multiple Remote Input Validation Vulnerabilities

BID:12337

Info

SquirrelMail Multiple Remote Input Validation Vulnerabilities

Bugtraq ID: 12337
Class: Input Validation Error
CVE: CVE-2005-0104
CVE-2005-0103
CVE-2005-0075
Remote: Yes
Local: No
Published: Jan 22 2005 12:00AM
Updated: Jul 12 2009 10:06AM
Credit: Manoel Zaninetti is credited with the discovery of the frame content manipulation issue. Jimmy Conner is credited with discovering the local file inclusion issue. The cross-site scripting issue was reported by the vendor.
Vulnerable: SuSE Linux Enterprise Server 9
SquirrelMail SquirrelMail 1.4.8
SquirrelMail SquirrelMail 1.4.4 RC1
SquirrelMail SquirrelMail 1.4.3 RC1
SquirrelMail SquirrelMail 1.4.3 r3
+ Gentoo Linux
SquirrelMail SquirrelMail 1.4.3 a
+ Redhat Fedora Core3
 + Redhat Fedora Core3
 + Redhat Fedora Core3
 + Redhat Fedora Core2
 + Redhat Fedora Core2
 SquirrelMail SquirrelMail 1.4.3
SquirrelMail SquirrelMail 1.4.2
+ MandrakeSoft Corporate Server 3.0 x86_64
 + MandrakeSoft Corporate Server 3.0
+ MandrakeSoft Corporate Server 3.0
+ MandrakeSoft Corporate Server 3.0
+ Redhat Fedora Core2
 + Redhat Fedora Core2
 + Redhat Fedora Core2
 SquirrelMail SquirrelMail 1.4.1
SquirrelMail SquirrelMail 1.4 RC1
SquirrelMail SquirrelMail 1.4
SquirrelMail SquirrelMail 1.2.11
SquirrelMail SquirrelMail 1.2.10
SquirrelMail SquirrelMail 1.2.9
SquirrelMail SquirrelMail 1.2.8
+ Terra Soft Solutions Yellow Dog Linux 3.0
SquirrelMail SquirrelMail 1.2.7
+ Redhat Linux 8.0
SquirrelMail SquirrelMail 1.2.6
+ Debian Linux 3.0 sparc
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 s/390
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 ppc
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mipsel
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 mips
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 m68k
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-64
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 ia-32
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 hppa
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 arm
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0 alpha
 + Debian Linux 3.0
+ Debian Linux 3.0
SquirrelMail SquirrelMail 1.2.5
SquirrelMail SquirrelMail 1.2.4
SquirrelMail SquirrelMail 1.2.3
SquirrelMail SquirrelMail 1.2.2
SquirrelMail SquirrelMail 1.2.1
SquirrelMail SquirrelMail 1.2 .0
SGI ProPack 3.0
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Enterprise Server for S/390 9.0
Redhat Fedora Core3
Redhat Fedora Core2
Not Vulnerable: SquirrelMail SquirrelMail 1.4.4
+ Debian Linux 3.1 sparc
 + Debian Linux 3.1 s/390
 + Debian Linux 3.1 s/390
 + Debian Linux 3.1 s/390
 + Debian Linux 3.1 ppc
 + Debian Linux 3.1 ppc
 + Debian Linux 3.1 ppc
 + Debian Linux 3.1 mipsel
 + Debian Linux 3.1 mipsel
 + Debian Linux 3.1 mipsel
 + Debian Linux 3.1 mips
 + Debian Linux 3.1 mips
 + Debian Linux 3.1 mips
 + Debian Linux 3.1 m68k
 + Debian Linux 3.1 m68k
 + Debian Linux 3.1 m68k
 + Debian Linux 3.1 ia-64
 + Debian Linux 3.1 ia-64
 + Debian Linux 3.1 ia-64
 + Debian Linux 3.1 ia-32
 + Debian Linux 3.1 ia-32
 + Debian Linux 3.1 ia-32
 + Debian Linux 3.1 hppa
 + Debian Linux 3.1 hppa
 + Debian Linux 3.1 hppa
 + Debian Linux 3.1 arm
 + Debian Linux 3.1 arm
 + Debian Linux 3.1 arm
 + Debian Linux 3.1 alpha
 + Debian Linux 3.1 alpha
 + Debian Linux 3.1 alpha
 + Debian Linux 3.1
+ Debian Linux 3.1
+ Debian Linux 3.1
+ Gentoo Linux
+ Gentoo Linux
+ Gentoo Linux

Discussion

SquirrelMail Multiple Remote Input Validation Vulnerabilities

SquirrelMail is reported prone to multiple vulnerabilities resulting from input validation errors. These issues may allow an attacker to carry out cross-site scripting and file include attacks. An attacker may also include arbitrary web pages in the SquirrelMail frameset to carry out phishing type attacks.

The following specific issues were identified:

SquirrelMail is reported prone to a cross-site scripting vulnerability. Attacker-supplied code may be rendered in a user's browser facilitating theft of cookie-based authentication credentials and other attacks.

It is reported that an attacker may influence Web content through certain unspecified variables. It is conjectured that this may allow attackers to misrepresent Web content and potentially carry out phishing type attacks.

The application is reported prone to a file include vulnerability as well. Reportedly, an affected script can allow remote attackers to include local scripts. This may eventually lead to unauthorized access in the context of the affected server.

Exploit / POC

SquirrelMail Multiple Remote Input Validation Vulnerabilities

An exploit is not required to carry out these attacks.

Solution / Fix

SquirrelMail Multiple Remote Input Validation Vulnerabilities

Solution:
The vendor has released SquirrelMail 1.4.4 to address this issue. Patches for affected versions are available as well.

RedHat has released advisories (FEDORA-2005-259), and (FEDORA-2005-260) to address these issues in Fedora Core 2 and 3. Please see the referenced advisories for further information.

Gentoo Linux has released advisory GLSA 200501-39 dealing with this issue. Gentoo advises that all SquirrelMail users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-client/squirrelmail-1.4.4"

Note: Users with the vhosts USE flag set should manually use webapp-config to finalize the update. For more information, please see the referenced Gentoo Linux advisory.

Debian has released advisory DSA 662-1 along with fixes dealing with these issues. Please see the referenced advisory for more information.

SGI has released advisory 20050207-01-U including Patch 10144 that contains updated SGI ProPack 3 Service Pack 4 RPMs for the SGI Altix products. This patch addresses various issues. Please see the referenced advisory for more information.

Debian has released advisory DSA 662-2 to address the issue described in CAN-2005-0104. Please see the referenced advisory for more information.

SUSE Linux has released advisory SUSE-SR:2005:014 to address these and other issues. Please see the referenced advisory for more information.


SquirrelMail SquirrelMail 1.2.6

SquirrelMail SquirrelMail 1.4 RC1

SquirrelMail SquirrelMail 1.4

SquirrelMail SquirrelMail 1.4.1

SquirrelMail SquirrelMail 1.4.2

SquirrelMail SquirrelMail 1.4.3 RC1

SquirrelMail SquirrelMail 1.4.3 a

SquirrelMail SquirrelMail 1.4.3 r3

SquirrelMail SquirrelMail 1.4.3

SquirrelMail SquirrelMail 1.4.4 RC1

SquirrelMail SquirrelMail 1.4.8

SGI ProPack 3.0

References

SquirrelMail Multiple Remote Input Validation Vulnerabilities

References:
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report