SquirrelMail Web-based Mail Server Lets Remote Users Execute Arbitrary Code on the Server

Date: Jan 25 2002
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes
Exploit Included: Yes
Vendor Confirmed: Yes
Version(s): 1.2.2

Description: A vulnerability was reported in SquirrelMail webmail server. A remote user can execute arbitrary commands on the server.

It is reported that the spell checker plugin (check_me.mod.php) allows a remote user to specify commands to be executed on the server.

The following type of URL will reportedly trigger the vulnerability:

host/plugins/squirrelspell/modules/check_me.mod.php?SQSPELL_APP[blah]=wall%20hello&sqspell_use_app=blah&attachment_dir=/tmp&username_sqspell_data=plik

Impact: A remote user can execute commands on the server with the privileges of the web server.

Solution: The vendor has released a fixed version (1.2.4), available at:

http://www.squirrelmail.org/download.php

Ebuild doesn't need to be changed much. Sorry, I have to get to work now so I can't make a fixed ebuild. But if the bug isn't solved yet when I come back, I'll make one.

Ferry Meyndert <m0rpheus@poseidon.mine.nu>
*** This bug has been marked as a duplicate of 354 ***
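
A log check for the request pattern in the advisory above, as an added example that is not part of the original report or of SquirrelMail: it flags requests to check_me.mod.php whose query string sets the variables that the advisory's URL supplies, including when the array brackets are percent-encoded. The Common Log Format layout, the /webmail prefix and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Module path and variable names are taken from the advisory text.
MODULE = "/plugins/squirrelspell/modules/check_me.mod.php"
SERVER_SIDE_VARS = {"SQSPELL_APP", "attachment_dir", "username_sqspell_data"}

# Request portion of a Common/Combined Log Format line (assumed log format).
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)


def base_name(key):
    """PHP maps 'NAME[idx]' to the array variable NAME; strip the index."""
    return key.split("[", 1)[0]


def flag_requests(lines):
    """Return (ip, status, sorted variable names) for each suspicious hit."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parsable access-log line
        url = urlsplit(m.group("target"))
        if not url.path.endswith(MODULE):
            continue
        # parse_qsl percent-decodes keys, so %5B / %5D brackets are caught too.
        keys = {base_name(k) for k, _ in parse_qsl(url.query, keep_blank_values=True)}
        overridden = sorted(keys & SERVER_SIDE_VARS)
        if overridden:
            hits.append((m.group("ip"), int(m.group("status")), overridden))
    return hits


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Jan/2002:10:00:01 +0000] "GET /webmail/src/login.php HTTP/1.0" 200 1523',
    '198.51.100.7 - - [25/Jan/2002:10:02:13 +0000] "GET /webmail/plugins/squirrelspell/modules/check_me.mod.php?SQSPELL_APP[blah]=wall%20hello&sqspell_use_app=blah&attachment_dir=/tmp&username_sqspell_data=plik HTTP/1.0" 200 412',
    '198.51.100.8 - - [25/Jan/2002:10:03:40 +0000] "GET /webmail/plugins/squirrelspell/modules/check_me.mod.php?SQSPELL_APP%5Bblah%5D=wall%20hello&sqspell_use_app=blah HTTP/1.0" 200 398',
    '192.0.2.11 - - [25/Jan/2002:10:05:02 +0000] "GET /webmail/plugins/squirrelspell/modules/check_me.mod.php HTTP/1.0" 200 120',
]

if __name__ == "__main__":
    for ip, status, names in flag_requests(SAMPLE_LOG):
        print(ip, status, ",".join(names))
```

A hit on a host still running 1.2.2 is a reason to review what the web server account did around that timestamp and to upgrade to the fixed version named in the advisory.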