HTTP: SquirrelMail File Inclusion

This signature detects attempts to exploit a known vulnerability in SquirrelMail, a PHP Web application. Attackers can obtain sensitive information and execute code on the client side.

Extended Description

SquirrelMail is reported prone to multiple vulnerabilities resulting from input validation errors. These issues may allow an attacker to carry out cross-site scripting and file include attacks. An attacker may also include arbitrary web pages in the SquirrelMail frameset to carry out phishing-type attacks. The following specific issues were identified:

SquirrelMail is reported prone to a cross-site scripting vulnerability. Attacker-supplied code may be rendered in a user's browser, facilitating theft of cookie-based authentication credentials and other attacks.

It is reported that an attacker may influence Web content through certain unspecified variables. It is conjectured that this may allow attackers to misrepresent Web content and potentially carry out phishing-type attacks.

The application is reported prone to a file include vulnerability as well. Reportedly, an affected script can allow remote attackers to include local scripts. This may eventually lead to unauthorized access in the context of the affected server.

Affected Products

Squirrelmail squirrelmail

References

BugTraq: 12337

CVE: CVE-2005-0103

Short Name: HTTP:PHP:SQUIRRELMAIL
Severity: Minor
Recommended: False
Recommended Action: None
Category: HTTP
Keywords: CVE-2005-0103 File Inclusion SquirrelMail bid:12337
Release Date: 03/23/2005
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3336
False Positive: Unknown
Vendors

Red_hat

Squirrelmail

Suse

Sgi

CVSS Score

7.5
