Vulnerabilities > CVE-2004-0519 - Cross-Site Scripting vulnerability in SquirrelMail Folder Name
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
Vulnerable Configurations
Exploit-Db
| description | SquirrelMail 1.4.x Folder Name Cross-Site Scripting Vulnerability. CVE-2004-0519. Webapps exploit for php platform |
| id | EDB-ID:24068 |
| last seen | 2016-02-02 |
| modified | 2004-04-30 |
| published | 2004-04-30 |
| reporter | Alvin Alex |
| source | https://www.exploit-db.com/download/24068/ |
| title | SquirrelMail 1.4.x Folder Name Cross-Site Scripting Vulnerability |
Nessus
NASL family Fedora Local Security Checks NASL id FEDORA_2004-160.NASL description A SQL injection flaw was found in SquirrelMail version 1.4.2 and earlier. If SquirrelMail is configured to store user addressbooks in the database, a remote attacker could use this flaw to execute arbitrary SQL statements. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0521 to this issue. A number of cross-site scripting (XSS) flaws in SquirrelMail version 1.4.2 and earlier could allow remote attackers to execute scripts as other web users. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0519 and CVE-2004-0520 to these issues. This update includes the SquirrelMail version 1.4.3a which is not vulnerable to these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 13716 published 2004-07-23 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13716 title Fedora Core 2 : squirrelmail-1.4.3-1 (2004-160) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2004-240.NASL description An updated SquirrelMail package that fixes several security vulnerabilities is now available. SquirrelMail is a webmail package written in PHP. Multiple vulnerabilities have been found which affect the version of SquirrelMail shipped with Red Hat Enterprise Linux 3. A SQL injection flaw was found in SquirrelMail version 1.4.2 and earlier. If SquirrelMail is configured to store user addressbooks in the database, a remote attacker could use this flaw to execute arbitrary SQL statements. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0521 to this issue. A number of cross-site scripting (XSS) flaws in SquirrelMail version 1.4.2 and earlier could allow remote attackers to execute script as other web users. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0519 and CVE-2004-0520 to these issues. All users of SquirrelMail are advised to upgrade to the erratum package containing SquirrelMail version 1.4.3a which is not vulnerable to these issues. last seen 2020-06-01 modified 2020-06-02 plugin id 12503 published 2004-07-06 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/12503 title RHEL 3 : squirrelmail (RHSA-2004:240) NASL family Debian Local Security Checks NASL id DEBIAN_DSA-535.NASL description Four vulnerabilities were discovered in squirrelmail : - CAN-2004-0519 Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. - CAN-2004-0520 Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php. - CAN-2004-0521 SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php. - CAN-2004-0639 Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable. last seen 2020-06-01 modified 2020-06-02 plugin id 15372 published 2004-09-29 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/15372 title Debian DSA-535-1 : squirrelmail - several vulnerabilities NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_C5519420CEC211D88898000D6111A684.NASL description Roman Medina-Heigl Hernandez did a survey which other webmail systems where vulnerable to a bug he discovered in SquirrelMail. This advisory summarizes the results. last seen 2020-06-01 modified 2020-06-02 plugin id 36521 published 2009-04-23 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/36521 title FreeBSD : 'Content-Type' XSS vulnerability affecting other webmail systems (c5519420-cec2-11d8-8898-000d6111a684) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200405-16.NASL description The remote host is affected by the vulnerability described in GLSA-200405-16 (Multiple XSS Vulnerabilities in SquirrelMail) Several unspecified cross-site scripting (XSS) vulnerabilities and a well-hidden SQL injection vulnerability were found. An XSS attack allows an attacker to insert malicious code into a web-based application. SquirrelMail does not check for code when parsing variables received via the URL query string. Impact : One of the XSS vulnerabilities could be exploited by an attacker to steal cookie-based authentication credentials from the user last seen 2020-06-01 modified 2020-06-02 plugin id 14502 published 2004-08-30 reporter This script is Copyright (C) 2004-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/14502 title GLSA-200405-16 : Multiple XSS Vulnerabilities in SquirrelMail NASL family CGI abuses NASL id SQUIRRELMAIL_143.NASL description The remote host is running SquirrelMail, a web-based mail server. There are several flaws in all versions less than 1.4.3 and development versions 1.5.0 and 1.5.1 that allow for local root access and remote cross-site scripting (XSS) attacks. ***** Nessus has determined the vulnerability exists on the target ***** simply by looking at the version number of Squirrelmail ***** installed there. last seen 2020-06-01 modified 2020-06-02 plugin id 14228 published 2004-05-05 reporter This script is Copyright (C) 2004-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/14228 title SquirrelMail < 1.4.3 Multiple Vulnerabilities NASL family Fedora Local Security Checks NASL id FEDORA_2004-159.NASL description A SQL injection flaw was found in SquirrelMail version 1.4.2 and earlier. If SquirrelMail is configured to store user addressbooks in the database, a remote attacker could use this flaw to execute arbitrary SQL statements. The Common Vulnerabilities and Exposures project has assigned the name CVE-2004-0521 to this issue. A number of cross-site scripting (XSS) flaws in SquirrelMail version 1.4.2 and earlier could allow remote attackers to execute scripts as other web users. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2004-0519 and CVE-2004-0520 to these issues. This update includes the SquirrelMail version 1.4.3a which is not vulnerable to these issues. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 13715 published 2004-07-23 reporter This script is Copyright (C) 2004-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/13715 title Fedora Core 1 : squirrelmail-1.4.3-0.f1.1 (2004-159) NASL family FreeBSD Local Security Checks NASL id FREEBSD_CONTENTTYPE_XSS.NASL description The following package needs to be updated: ilohamail last seen 2016-09-26 modified 2004-07-06 plugin id 12529 published 2004-07-06 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=12529 title FreeBSD : 'Content-Type' XSS vulnerability affecting other webmail systems (25)
Oval
accepted 2010-09-20T04:00:03.552-04:00 class vulnerability contributors name Jay Beale organization Bastille Linux name Jonathan Baker organization The MITRE Corporation
description Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. family unix id oval:org.mitre.oval:def:1006 status accepted submitted 2004-06-29T12:00:00.000-04:00 title SquirrelMail Cross-site Scripting Vulnerability I version 7 accepted 2013-04-29T04:04:13.841-04:00 class vulnerability contributors name Aharon Chernin organization SCAP.com, LLC name Dragos Prisaca organization G2, Inc.
definition_extensions comment The operating system installed on the system is Red Hat Enterprise Linux 3 oval oval:org.mitre.oval:def:11782 comment CentOS Linux 3.x oval oval:org.mitre.oval:def:16651
description Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. family unix id oval:org.mitre.oval:def:10274 status accepted submitted 2010-07-09T03:56:16-04:00 title Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php. version 26
Redhat
| advisories |
| ||||
| rpms | squirrelmail-0:1.4.3-0.e3.1 |
References
- ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc
- http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858
- http://marc.info/?l=bugtraq&m=108334862800260
- http://rhn.redhat.com/errata/RHSA-2004-240.html
- http://secunia.com/advisories/11531
- http://secunia.com/advisories/11686
- http://secunia.com/advisories/11870
- http://secunia.com/advisories/12289
- http://security.gentoo.org/glsa/glsa-200405-16.xml
- http://www.debian.org/security/2004/dsa-535
- http://www.novell.com/linux/security/advisories/2005_19_sr.html
- http://www.securityfocus.com/advisories/6827
- http://www.securityfocus.com/archive/1/361857
- http://www.securityfocus.com/bid/10246
- https://bugzilla.fedora.us/show_bug.cgi?id=1733
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16025
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10274