From: joey@infodrom.org (Martin Schulze) To: bugtraq@securityfocus.com Date: Thu, 7 Nov 2002 17:54:55 +0100 (CET) Message was signed by Martin Schulze <joey@debian.org> (Key ID: 0x801EA932). The signature is valid, but the key's validity is unknown. -------------------------------------------------------------------------- Debian Security Advisory DSA 191-1 security@debian.org http://www.debian.org/security/ Martin Schulze November 7th, 2002 http://www.debian.org/security/faq -------------------------------------------------------------------------- Package : squirrelmail Vulnerability : cross site scripting Problem-Type : remote Debian-specific: no BugTraq ID : 5949 CVE ID : CAN-2002-1131 CAN-2002-1132 Several cross site scripting vulnerabilities have been found in squirrelmail, a feature-rich webmail package written in PHP4. The Common Vulnerabilities and Exposures (CVE) project identified the following vulnerabilities: 1. CAN-2002-1131: User input is not always sanitized so execution of arbitrary code on a client computer is possible. This can happen after following a malicious URL or by viewing a malicious addressbook entry. 2. CAN-2002-1132: Another problem could make it possible for an attacker to gain sensitive information under some conditions. When a malformed argument is appended to a link, an error page will be generated which contains the absolute pathname of the script. However, this information is available through the Contents file of the distribution anyway.