icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

SquirrelMail < 1.4.4 URI Parsing Arbitrary Code Execution

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running SquirrelMail, a webmail system written in PHP. Versions of SquirrelMail prior to 1.4.4-Stable are vulnerable to a remote buffer overflow within the URI parsing functionality of SquirrelMail. An attacker exploiting this flaw would only need to be able to send web requests to the vulnerable system.

Solution

Upgrade to version 1.4.4 or higher.