HTTP: SquirrelMail Authentication Bypass

This signature detects attempts to bypass the authentication mechanism of SquirrelMail. SquirrelMail 1.4.4 and earlier does not properly sanitize the $_POST variable, which can allow remote attackers to read or modify other users' preferences.

Extended Description

SquirrelMail is affected by an insecure variable handling vulnerability. It was reported that an attacker can exploit this vulnerability to disclose and manipulate users' preferences, write arbitrary files in the context of 'www-data', carry out cross-site scripting and various other attacks. Due to a lack of information, further details cannot be described at the moment. This BID will be updated when more information becomes available.

Affected Products

Suse linux_desktop

Short Name
HTTP:PHP:SQUIRRELMAIL-AUTH
Severity
Warning
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Authentication Bypass CVE-2005-2095 SquirrelMail bid:14254
Release Date
08/16/2005
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Red_hat

Squirrelmail

Mandriva

Suse

Apple

CVSS Score

4.3
