FreeBSD : SquirrelMail -- post-authentication access privileges (928d5c59-2a5a-11e8-a712-0025908740c2)

high Nessus Plugin ID 108476

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Florian Grunow reports :

An attacker able to exploit this vulnerability can extract files of the server the application is running on. This may include configuration files, log files and additionally all files that are readable for all users on the system. This issue is post-authentication. That means an attacker would need valid credentials for the application to log in or needs to exploit an additional vulnerability of which we are not aware of at this point of time.

An attacker would also be able to delete files on the system, if the user running the application has the rights to do so.

Does this issue affect me?

Likely yes, if you are using Squirrelmail. We checked the latest development version, which is 1.5.2-svn and the latest version available for download at this point of time, 1.4.22. Both contain the vulnerable code.

Solution

Update the affected package.

See Also

https://www.openwall.com/lists/oss-security/2018/03/17/2

http://www.nessus.org/u?8fad6dcb

Plugin Details

Severity: High

ID: 108476

File Name: freebsd_pkg_928d5c592a5a11e8a7120025908740c2.nasl

Version: 1.6

Type: local

Published: 3/20/2018

Updated: 10/11/2019

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:squirrelmail, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 3/17/2018

Vulnerability Publication Date: 5/21/2017

Reference Information

CVE: CVE-2018-8741