Info

Disclosure

Apr 27, 2004

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

SquirrelMail contains a flaw that will allow an attacker to inject arbitrary SQL code. The issue is due to the insufficient sanitizing of data in input sent to the "abook_database.php" script. This will allow an attacker to inject or manipulate SQL queries. By sending a specially-crafted URL containing malicious SQL code, a remote attacker could add, modify or delete user information in the back-end database.

Classification

Location: Remote / Network Access
Attack Type: Information Disclosure, Input Manipulation
Impact: Loss of Confidentiality, Loss of Integrity
OSVDB: Web Related

Solution

Upgrade to version 1.4.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

SquirrelMail Project Team	Squirrelmail	1.4.3-RC1
		0.x
		1.0.x
		1.1.x
		1.2.x
		1.3.x
		1.4.0
		1.4.1
		1.4.2

References

Bugtraq ID: 10397
Secunia Advisory ID: 11685 11686 11870 12289
ISS X-Force ID: 16235
CVE ID: 2004-0521 (see also: NVD)
Related OSVDB ID: 6337
Other Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000858
http://sourceforge.net/mailarchive/forum.php?thread_id=4199060&forum_id=1988
Mail List Post: http://marc.theaimsgroup.com/?l=squirrelmail-cvs&m=108309375029888
Vendor Specific Advisory URL: http://rhn.redhat.com/errata/RHSA-2004-240.html
http://www.debian.org/security/2004/dsa-535
http://www.gentoo.org/security/en/glsa/glsa-200405-16.xml
Vendor URL: http://www.squirrelmail.org/

Credit

Marc Groot Koerkamp -

Direct URL: http://osvdb.org/6841

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

SquirrelMail Project Team

Squirrelmail

References

Credit