Squirrelmail Redirect.PHP Local File Include Vulnerability
BID: 18231
CVE: CVE-2006-2842
Info
| Bugtraq ID: | 18231 |
| Class: | Input Validation Error |
| CVE: | CVE-2006-2842 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 02 2006 12:00AM |
| Updated: | Aug 01 2007 11:35PM |
| Credit: | [email protected] is credited with the discovery of this vulnerability. |
| Vulnerable: | see list below |
- SuSE SUSE Linux Enterprise Server 8
- SuSE SUSE Linux Enterprise Server 10
- SuSE Suse Linux Enterprise Desktop 10
- SuSE Linux Openexchange Server
- SuSE Linux Enterprise Server 9
- SuSE Linux Desktop 1.0
- SquirrelMail 1.4.8
- SquirrelMail 1.4.7
- SquirrelMail 1.4.6 -rc1
- SquirrelMail 1.4.6 -cvs
- SquirrelMail 1.4.6
- SquirrelMail 1.4.5
- SquirrelMail 1.4.4 RC1
- SquirrelMail 1.4.4
- SquirrelMail 1.4.3 RC1
- SquirrelMail 1.4.3 r3
- SquirrelMail 1.4.3 a
- SquirrelMail 1.4.3
- SquirrelMail 1.4.2
- SquirrelMail 1.4.1
- SquirrelMail 1.4 RC1
- SquirrelMail 1.4
- SGI ProPack 3.0 SP6
- S.u.S.E. UnitedLinux 1.0
- S.u.S.E. SuSE Linux School Server for i386
- S.u.S.E. SUSE LINUX Retail Solution 8.0
- S.u.S.E. Open-Enterprise-Server 9.0
- S.u.S.E. Open-Enterprise-Server 1
- S.u.S.E. Office Server
- S.u.S.E. Novell Linux Desktop 9.0
- S.u.S.E. Novell Linux Desktop 1.0
- S.u.S.E. Linux Professional 10.0 OSS
- S.u.S.E. Linux Professional 10.0
- S.u.S.E. Linux Professional 9.3 x86_64
- S.u.S.E. Linux Professional 9.3
- S.u.S.E. Linux Professional 9.2 x86_64
- S.u.S.E. Linux Professional 9.2
- S.u.S.E. Linux Professional 9.1 x86_64
- S.u.S.E. Linux Professional 9.1
- S.u.S.E. Linux Personal 10.0 OSS
- S.u.S.E. Linux Personal 9.3 x86_64
- S.u.S.E. Linux Personal 9.3
- S.u.S.E. Linux Personal 9.2 x86_64
- S.u.S.E. Linux Personal 9.2
- S.u.S.E. Linux Personal 9.1 x86_64
- S.u.S.E. Linux Personal 9.1
- S.u.S.E. Linux Personal 10.1
- S.u.S.E. Linux Office Server
- S.u.S.E. Linux Enterprise Server for S/390 9.0
- S.u.S.E. Linux Enterprise Server for S/390
- S.u.S.E. Linux Database Server 0
- S.u.S.E. Linux Connectivity Server
- Redhat Enterprise Linux WS 4
- Redhat Enterprise Linux WS 3
- Redhat Enterprise Linux ES 4
- Redhat Enterprise Linux ES 3
- Redhat Enterprise Linux AS 4
- Redhat Enterprise Linux AS 3
- Redhat Desktop 4.0
- Redhat Desktop 3.0
- MandrakeSoft Corporate Server 3.0 x86_64
- MandrakeSoft Corporate Server 3.0
- Apple Mac OS X Server 10.4.10
- Apple Mac OS X Server 10.4.9
- Apple Mac OS X Server 10.4.8
- Apple Mac OS X Server 10.4.7
- Apple Mac OS X Server 10.4.6
- Apple Mac OS X Server 10.4.5
- Apple Mac OS X Server 10.4.4
- Apple Mac OS X Server 10.4.3
- Apple Mac OS X Server 10.4.2
- Apple Mac OS X Server 10.4.1
- Apple Mac OS X Server 10.4
- Apple Mac OS X Server 10.3.9
- Apple Mac OS X 10.4.10
- Apple Mac OS X 10.4.9
- Apple Mac OS X 10.4.8
- Apple Mac OS X 10.4.7
- Apple Mac OS X 10.4.6
- Apple Mac OS X 10.4.5
- Apple Mac OS X 10.4.4
- Apple Mac OS X 10.4.3
- Apple Mac OS X 10.4.2
- Apple Mac OS X 10.4.1
- Apple Mac OS X 10.4
- Apple Mac OS X 10.3.9
| Not Vulnerable: | (none listed) |
Discussion
SquirrelMail's redirect.php is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input before that input is used to select a file for inclusion.
A successful exploit may allow unauthorized remote users to view files readable by the web server and to execute local scripts in the security context of the web server process; other attacks are also possible.
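The following PHP snippet is an added illustration of the bug class described above and is not SquirrelMail's own code; the parameter name `page`, the `modules/` directory and the module names are assumptions made for the example. It shows an include driven by unchecked request input beside a version that accepts only allowlisted names and confirms the resolved path stays inside the intended directory.

```php
<?php
// Added illustration, not SquirrelMail code. The parameter name "page",
// the "modules/" directory and the module names are assumptions.

// Vulnerable pattern: request input reaches include() unchecked, so a value
// such as "../../../../etc/passwd" (or any file the attacker can place on
// the host, e.g. a log or upload containing PHP) gets included and executed.
function load_module_vulnerable(string $name): void
{
    include __DIR__ . '/modules/' . $name . '.php';
}

// Hardened pattern: only names from a fixed allowlist are accepted, and the
// resolved path is verified to lie inside the modules directory, so traversal
// sequences, absolute paths and symlinked escapes are all rejected.
function load_module_safe(string $name): bool
{
    static $allowed = ['inbox', 'compose', 'options'];  // assumed module names
    if (!in_array($name, $allowed, true)) {
        return false;
    }

    $base = realpath(__DIR__ . '/modules');
    $path = realpath($base . '/' . $name . '.php');
    if ($base === false || $path === false) {
        return false;                      // directory or file does not exist
    }
    // Belt-and-braces: even an allowlisted name must resolve under $base.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return false;
    }

    include $path;
    return true;
}

// Request handling: never pass the raw parameter to the vulnerable variant.
$name = $_GET['page'] ?? 'inbox';
if (!load_module_safe($name)) {
    http_response_code(400);
    echo 'unknown module';
}
```

The allowlist alone already blocks traversal; the `realpath` prefix check is kept so that the function stays safe if the allowlist is later extended to names derived from configuration or the filesystem.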
Exploit / POC
Attackers can exploit this issue via a web client.
An example URI has been provided (it is not reproduced on this page).
Solution / Fix
Solution:
Please see the referenced advisories for more information.

SquirrelMail 1.4.5
- Mandriva squirrelmail-1.4.5-1.3.C30mdk.noarch.rpm (Corporate 3.0/X86_64): http://wwwnew.mandriva.com/en/downloads/
- Mandriva squirrelmail-1.4.5-1.3.C30mdk.noarch.rpm (Corporate 3.0): http://wwwnew.mandriva.com/en/downloads/
- Mandriva squirrelmail-poutils-1.4.5-1.3.C30mdk.noarch.rpm (Corporate 3.0/X86_64): http://wwwnew.mandriva.com/en/downloads/
- Mandriva squirrelmail-poutils-1.4.5-1.3.C30mdk.noarch.rpm (Corporate 3.0): http://wwwnew.mandriva.com/en/downloads/

Apple Mac OS X Server 10.3.9
- Apple SecUpdSrvr2007-007Pan.dmg for Mac OS X Server v10.3.9: http://www.apple.com/support/downloads/

Apple Mac OS X 10.3.9
- Apple SecUpd2007-007Pan.dmg for Mac OS X v10.3.9: http://www.apple.com/support/downloads/

Apple Mac OS X 10.4.10
- Apple SecUpd2007-007Ti.dmg for Mac OS X v10.4.10 (PowerPC): http://www.apple.com/support/downloads/
- Apple SecUpd2007-007Univ.dmg for Mac OS X v10.4.10 (Universal): http://www.apple.com/support/downloads/

Apple Mac OS X Server 10.4.10
- Apple SecUpdSrvr2007-007Ti.dmg for Mac OS X Server v10.4.10 (PowerPC): http://www.apple.com/support/downloads/
- Apple SecUpdSrvr2007-007Universal.dmg for Mac OS X Server v10.4.10 (Universal): http://www.apple.com/support/downloads/
References
References:
- Vendor Homepage (SquirrelMail)