Detections
Analytics

Debian DSA-1241-1 : squirrelmail - XSS

medium Nessus Plugin ID 23946

Synopsis

The remote Debian host is missing a security-related update.

Description

Martijn Brinkers discovered cross-site scripting vulnerabilities in the mailto parameter of webmail.php, the session and delete_draft parameters of compose.php and through a shortcoming in the magicHTML filter. An attacker could abuse these to execute malicious JavaScript in the user's webmail session.

Also, a workaround was made for Internet Explorer <= 5: IE will attempt to guess the MIME type of attachments based on content, not the MIME header sent. Attachments could fake to be a 'harmless' JPEG, while they were in fact HTML that Internet Explorer would render.

Solution

Upgrade the squirrelmail package.

For the stable distribution (sarge) these problems have been fixed in version 2:1.4.4-10.

For the upcoming stable distribution (etch) these problems have been fixed in version 2:1.4.9a-1.

See Also

http://www.debian.org/security/2006/dsa-1241

Plugin Details

Severity: Medium

ID: 23946

File Name: debian_DSA-1241.nasl

Version: 1.19

Type: local

Agent: unix

Published: 12/30/2006

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:squirrelmail, cpe:/o:debian:debian_linux:3.1

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 12/25/2006

Vulnerability Publication Date: 12/3/2006

Reference Information

CVE: CVE-2006-6142

DSA: 1241