Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Exploits-HackingTools
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[UNIX] SquirrelMail Cross Site Scripting in Encoded Text

from [SecuriTeam] Network Security [Permanent Link]
Subject: [UNIX] SquirrelMail Cross Site Scripting in Encoded Text
Date: 17 Nov 2004 14:07:22 +0200 
The following security advisory is sent to the securiteam mailing list, and can 
be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -



  SquirrelMail Cross Site Scripting in Encoded Text
------------------------------------------------------------------------


SUMMARY

 <http://www.squirrelmail.org> SquirrelMail is "a standards-based webmail 
package written in PHP4. It includes built-in pure PHP support for the 
IMAP and SMTP protocols, and all pages render in pure HTML 4.0 (with no 
JavaScript required) for maximum compatibility across browsers. It has 
very few requirements and is very easy to configure and install. 
SquirrelMail has all the functionality you would want from an email 
client, including strong MIME support, address books, and folder 
manipulation".

There is a cross site scripting issue in SqurrielMail's decoding of 
encoded text in certain headers. SquirrelMail correctly decodes the 
specially crafted header, but doesn't sanitize the decoded strings.

DETAILS

Vulnerable Systems:
 * SquirrelMail version 1.4.3a and earlier
 * SquirrelMail version 1.5.1-cvs before 23rd October 2004

Immune Systems:
 * SquirrelMail version 1.4.3a (patched)
 * SquirrelMail version 1.4.4
 * SquirrelMail version 1.5.1-cvs after 23rd October 2004

Resolution:
A patch has been published to resolve this issue for the SquirrelMail 
1.4.3a branch, and can be downloaded from here:  
<http://prdownloads.sourceforge.net/squirrelmail/sm143a-xss.diff?download> 
http://prdownloads.sourceforge.net/squirrelmail/sm143a-xss.diff?download

To apply this patch, copy the sm143a-xss.diff file into the base 
SquirrelMail directory, and follow the command:

  patch -p0 < sm143a-xss.diff

Those using SquirrelMail 1.5.1-cvs should update using CVS, or use a copy 
of the latest snapshot downloadable from the SquirrelMail website at:  
<http://www.squirrelmail.org> http://www.squirrelmail.org


ADDITIONAL INFORMATION

The information has been provided by Joost Pol.



======================================== 


This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: 
list-unsubscribe@securiteam.com 
In order to subscribe to the mailing list, simply forward this email to: 
list-subscribe@securiteam.com 


==================== 
==================== 

DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any 
kind. 
In no event shall we be liable for any damages whatsoever including direct, 
indirect, incidental, consequential, loss of business profits or special 
damages.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [UNIX] SquirrelMail Cross Site Scripting in Encoded Text, SecuriTeam <=
Previous by Date:  [EXPL] Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability (Exploit), SecuriTeam
Next by Date:  [EXPL] Kerio Personal Firewall Multiple IP Options DoS PoC, SecuriTeam
Previous by Thread:  [EXPL] Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability (Exploit), SecuriTeam
Next by Thread:  [EXPL] Kerio Personal Firewall Multiple IP Options DoS PoC, SecuriTeam
Indexes:  [Date] [Thread] [Top] [All Lists]