ID CVE-2006-4019
Summary Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users. This vulnerability is addressed in the following product release: SquirrelMail, SquirrelMail, 1.4.8
References
Vulnerable Configurations
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.4_rc1:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.4_rc1:*:*:*:*:*:*:*
  • cpe:2.3:a:squirrelmail:squirrelmail:1.44:*:*:*:*:*:*:*
    cpe:2.3:a:squirrelmail:squirrelmail:1.44:*:*:*:*:*:*:*
CVSS
Base: 6.4 (as of 17-10-2018 - 21:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:N
oval via4
accepted 2013-04-29T04:14:36.438-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 3
    oval oval:org.mitre.oval:def:11782
  • comment CentOS Linux 3.x
    oval oval:org.mitre.oval:def:16651
  • comment The operating system installed on the system is Red Hat Enterprise Linux 4
    oval oval:org.mitre.oval:def:11831
  • comment CentOS Linux 4.x
    oval oval:org.mitre.oval:def:16636
  • comment Oracle Linux 4.x
    oval oval:org.mitre.oval:def:15990
description Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
family unix
id oval:org.mitre.oval:def:11533
status accepted
submitted 2010-07-09T03:56:16-04:00
title Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
version 24
redhat via4
advisories
bugzilla
id 202195
title CVE-2006-4019 Squirrelmail authenticated user variable overwriting
oval
OR
  • AND
    comment Red Hat Enterprise Linux 3 is installed
    oval oval:com.redhat.rhba:tst:20070026001
  • AND
    comment Red Hat Enterprise Linux 4 is installed
    oval oval:com.redhat.rhba:tst:20070304001
rhsa
id RHSA-2006:0668
released 2006-09-26
severity Moderate
title RHSA-2006:0668: squirrelmail security update (Moderate)
refmap via4
apple APPLE-SA-2007-07-31
bid
  • 19486
  • 25159
bugtraq
  • 20060811 SquirrelMail 1.4.8 released - fixes variable overwriting attack
  • 20060811 rPSA-2006-0152-1 squirrelmail
confirm
debian DSA-1154
fulldisc 20060811 rPSA-2006-0152-1 squirrelmail
mandriva MDKSA-2006:147
misc http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patch
osvdb 27917
sectrack 1016689
secunia
  • 21354
  • 21444
  • 21586
  • 22080
  • 22104
  • 22487
  • 26235
sgi 20061001-01-P
suse SUSE-SR:2006:023
vim 20060811 SquirrelMail issue is dynamic variable evaluation
vupen
  • ADV-2006-3271
  • ADV-2007-2732
xf squirrelmail-compose-variable-overwrite(28365)
Last major update 17-10-2018 - 21:32
Published 11-08-2006 - 21:04
Back to Top