|
|
SquirrelMail Variable Handling Vulnerability
|
Bugtraq ID:
|
14254
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2005-2095
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Jul 13 2005 12:00AM
|
|
Updated:
|
Jul 12 2009 04:06PM
|
|
Credit:
|
Discovery is credited to James Bercegay of GulfTech Security.
|
|
Vulnerable:
|
SquirrelMail SquirrelMail 1.4.8
SquirrelMail SquirrelMail 1.4.4 RC1
SquirrelMail SquirrelMail 1.4.4
+
Debian Linux 3.1 sparc
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1
+
Debian Linux 3.1
+
Debian Linux 3.1
+
Gentoo Linux
+
Gentoo Linux
+
Gentoo Linux
SquirrelMail SquirrelMail 1.4.3 RC1
SquirrelMail SquirrelMail 1.4.3 r3
+
Gentoo Linux
SquirrelMail SquirrelMail 1.4.3 a
+
Conectiva Linux 9.0
+
RedHat Fedora Core3
+
RedHat Fedora Core3
+
RedHat Fedora Core3
+
RedHat Fedora Core2
+
RedHat Fedora Core2
SquirrelMail SquirrelMail 1.4.3
SquirrelMail SquirrelMail 1.4.2
+
MandrakeSoft Corporate Server 3.0 x86_64
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 3.0
+
RedHat Fedora Core2
+
RedHat Fedora Core2
+
RedHat Fedora Core2
SquirrelMail SquirrelMail 1.4.1
SquirrelMail SquirrelMail 1.4 RC1
SquirrelMail SquirrelMail 1.4
SquirrelMail SquirrelMail 1.2.6
+
Debian Linux 3.0 sparc
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 alpha
+
Debian Linux 3.0 alpha
+
Debian Linux 3.0
+
Debian Linux 3.0
S.u.S.E. SuSE Linux Standard Server 8.0
S.u.S.E. SuSE Linux School Server for i386
S.u.S.E. SUSE LINUX Retail Solution 8.0
S.u.S.E. SuSE Linux Openexchange Server 4.0
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Professional 9.0 x86_64
S.u.S.E. Linux Professional 9.0
S.u.S.E. Linux Professional 8.2
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux Enterprise Server 9
S.u.S.E. Linux Enterprise Server 8
S.u.S.E. Linux Desktop 1.0
RedHat Linux 9.0 i386
RedHat Fedora Core4
RedHat Fedora Core3
RedHat Fedora Core2
RedHat Fedora Core1
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux AS 4
RedHat Enterprise Linux AS 3
RedHat Desktop 4.0
RedHat Desktop 3.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.3.9
|
|
|
|
Not Vulnerable:
|
SquirrelMail SquirrelMail 1.4.5
+
MandrakeSoft Corporate Server 3.0 x86_64
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 3.0
|
|
|
