[Bug 348839] [NEW] [dapper] security vulnerabilities with register_globals enabled: CVE-2006-3665 CVE-2006-3174
Andreas Wenning
awen at awen.dk
Thu Mar 26 07:45:39 UTC 2009
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: squirrelmail
== CVE-2006-3665 ==
SquirrelMail 1.4.6 and earlier, with register_globals enabled, allows remote attackers to hijack cookies in src/redirect.php via unknown vectors. NOTE: while "cookie theft" is frequently associated with XSS, the vendor disclosure is too vague to be certain of this.
From changelog:
Security: Possible cookie theft in src/redirect.php if register_globals is enabled, and malicious site is running in same domain.
== CVE-2006-3174 ==
Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter.
From changelog:
Tightened code in search.php for disputed security report. We don't believe this is exploitable, but the code is tightened anyway.
== Affects ==
Dapper only; fixed in version 1.4.7.
** Affects: squirrelmail (Ubuntu)
Importance: Medium
Assignee: Andreas Wenning (andreas-wenning)
Status: In Progress
** Visibility changed to: Public
** Changed in: squirrelmail (Ubuntu)
Importance: Undecided => Medium
Assignee: (unassigned) => Andreas Wenning (andreas-wenning)
Status: New => In Progress
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2006-3665
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2006-3174
https://bugs.launchpad.net/bugs/348839