Test Kennung:	1.3.6.1.4.1.25623.1.0.54576
Kategorie:	Gentoo Local Security Checks
Titel:	Gentoo Security Advisory GLSA 200405-16 (SquirrelMail)
Zusammenfassung:	NOSUMMARY
Beschreibung:	Description: The remote host is missing updates announced in advisory GLSA 200405-16. SquirrelMail is subject to several XSS and one SQL injection vulnerability. Solution: All SquirrelMail users should upgrade to the latest stable version: # emerge sync # emerge -pv '>=net-mail/squirrelmail-1.4.3_rc1' # emerge '>=net-mail/squirrelmail-1.4.3_rc1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200405-16 http://bugs.gentoo.org/show_bug.cgi?id=49675 http://sourceforge.net/mailarchive/forum.php?thread_id=4199060&forum_id=1988 http://www.securityfocus.com/bid/10246/ http://www.cert.org/advisories/CA-2000-02.html CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0519 BugTraq ID: 10246 http://www.securityfocus.com/bid/10246 Bugtraq: 20040429 SquirrelMail Cross Scripting Attacks.... (Google Search) http://marc.info/?l=bugtraq&m=108334862800260 Bugtraq: 20040430 Re: SquirrelMail Cross Scripting Attacks.... (Google Search) http://www.securityfocus.com/archive/1/361857 Conectiva Linux advisory: CLA-2004:858 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858 Debian Security Information: DSA-535 (Google Search) http://www.debian.org/security/2004/dsa-535 http://www.securityfocus.com/advisories/6827 https://bugzilla.fedora.us/show_bug.cgi?id=1733 http://security.gentoo.org/glsa/glsa-200405-16.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10274 RedHat Security Advisories: RHSA-2004:240 http://rhn.redhat.com/errata/RHSA-2004-240.html http://secunia.com/advisories/11531 http://secunia.com/advisories/11686 http://secunia.com/advisories/11870 http://secunia.com/advisories/12289 SGI Security Advisory: 20040604-01-U ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc SuSE Security Announcement: SUSE-SR:2005:019 (Google Search) http://www.novell.com/linux/security/advisories/2005_19_sr.html XForce ISS Database: squirrel-composephp-xss(16025) https://exchange.xforce.ibmcloud.com/vulnerabilities/16025 Common Vulnerability Exposure (CVE) ID: CVE-2004-0521 http://www.securityfocus.com/advisories/7148 BugTraq ID: 10397 http://www.securityfocus.com/bid/10397 Computer Incident Advisory Center Bulletin: O-212 http://www.ciac.org/ciac/bulletins/o-212.shtml http://marc.info/?l=squirrelmail-cvs&m=108309375029888 http://marc.info/?l=squirrelmail-cvs&m=108532891231712 http://www.osvdb.org/6841 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1033 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11446 http://secunia.com/advisories/11685 XForce ISS Database: squirrelmail-sql-injection(16235) https://exchange.xforce.ibmcloud.com/vulnerabilities/16235
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.