FreeBSD Local Security Checks : FreeBSD Ports: ja-squirrelmail

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.52306

Categoría: FreeBSD Local Security Checks

Título: FreeBSD Ports: ja-squirrelmail

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to the system
as announced in the referenced advisory.

The following packages are affected:
ja-squirrelmail
squirrelmail

CVE-2004-1036:
Cross-site scripting (XSS) vulnerability in the decoding of
encoded text in certain headers in mime.php for SquirrelMail
allows remote attackers to execute arbitrary web script or HTML.

Solution:
Update your system with the appropriate patches or
software upgrades.

http://marc.theaimsgroup.com/?l=bugtraq&m=110012133608004
http://www.vuxml.org/freebsd/7fbfe159-3438-11d9-a9e7-0001020eed82.html

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Referencia Cruzada: BugTraq ID: 11653
Common Vulnerability Exposure (CVE) ID: CVE-2004-1036
http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html
http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html
Bugtraq: 20041110 [SquirrelMail Security Advisory] Cross Site Scripting in encoded text (Google Search)
http://marc.info/?l=bugtraq&m=110012133608004&w=2
Conectiva Linux advisory: CLA-2004:905
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000905
http://www.gentoo.org/security/en/glsa/glsa-200411-25.xml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9592
XForce ISS Database: squirrelmail-mime-xss(18031)
https://exchange.xforce.ibmcloud.com/vulnerabilities/18031

Copyright Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.52306
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Ports: ja-squirrelmail
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to the system as announced in the referenced advisory. The following packages are affected: ja-squirrelmail squirrelmail CVE-2004-1036: Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail allows remote attackers to execute arbitrary web script or HTML. Solution: Update your system with the appropriate patches or software upgrades. http://marc.theaimsgroup.com/?l=bugtraq&m=110012133608004 http://www.vuxml.org/freebsd/7fbfe159-3438-11d9-a9e7-0001020eed82.html CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	BugTraq ID: 11653 Common Vulnerability Exposure (CVE) ID: CVE-2004-1036 http://lists.apple.com/archives/security-announce/2005/Jan/msg00001.html http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html Bugtraq: 20041110 [SquirrelMail Security Advisory] Cross Site Scripting in encoded text (Google Search) http://marc.info/?l=bugtraq&m=110012133608004&w=2 Conectiva Linux advisory: CLA-2004:905 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000905 http://www.gentoo.org/security/en/glsa/glsa-200411-25.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9592 XForce ISS Database: squirrelmail-mime-xss(18031) https://exchange.xforce.ibmcloud.com/vulnerabilities/18031
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com