Detections
Analytics

Debian DSA-988-1 : squirrelmail - several vulnerabilities

medium Nessus Plugin ID 22854

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities have been discovered in Squirrelmail, a commonly used webmail system. The Common Vulnerabilities and Exposures project identifies the following problems :

 - CVE-2006-0188 Martijn Brinkers and Ben Maurer found a flaw in webmail.php that allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter.

 - CVE-2006-0195 Martijn Brinkers and Scott Hughes discovered an interpretation conflict in the MagicHTML filter that allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) '/*' and '*/' comments, or (2) slashes inside the 'url' keyword, which is processed by some web browsers including Internet Explorer.

 - CVE-2006-0377 Vicente Aguilera of Internet Security Auditors, S.L.
 discovered a CRLF injection vulnerability, which allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka 'IMAP injection.' There's no known way to exploit this yet.

Solution

Upgrade the squirrelmail package.

For the old stable distribution (woody) these problems have been fixed in version 1.2.6-5.

For the stable distribution (sarge) these problems have been fixed in version 2:1.4.4-8.

See Also

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=354062

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=354063

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=354064

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=355424

https://security-tracker.debian.org/tracker/CVE-2006-0188

https://security-tracker.debian.org/tracker/CVE-2006-0195

https://security-tracker.debian.org/tracker/CVE-2006-0377

http://www.debian.org/security/2006/dsa-988

Plugin Details

Severity: Medium

ID: 22854

File Name: debian_DSA-988.nasl

Version: 1.18

Type: local

Agent: unix

Published: 10/14/2006

Updated: 1/4/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.5

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:squirrelmail, cpe:/o:debian:debian_linux:3.0, cpe:/o:debian:debian_linux:3.1

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 3/8/2006

Vulnerability Publication Date: 2/1/2006

Reference Information

CVE: CVE-2006-0188, CVE-2006-0195, CVE-2006-0377

DSA: 988