Buffer overflow in the chpasswd command in the Change_passwd plugin before 4.0, as used in SquirrelMail, allows local users to gain root privileges via a long user name.
https://exchange.xforce.ibmcloud.com/vulnerabilities/15889
http://www.squirrelmail.org/plugin_view.php?id=117
http://secunia.com/advisories/11415