|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> Red Hat Local Security Checks >> RHSA-2006-0283: squirrelmail Vulnerability Assessment Details
|
RHSA-2006-0283: squirrelmail |
||
Check for the version of the squirrelmail packages Detailed Explanation for this Vulnerability Assessment An updated squirrelmail package that fixes three security and many other bug issues is now available. This update contains bug fixes of upstream squirrelmail 1.4.6 with some additional improvements to international language support. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. A bug was found in the way SquirrelMail presents the right frame to the user. If a user can be tricked into opening a carefully crafted URL, it is possible to present the user with arbitrary HTML data. (CVE-2006-0188) A bug was found in the way SquirrelMail filters incoming HTML email. It is possible to cause a victim's web browser to request remote content by opening a HTML email while running a web browser that processes certain types of invalid style sheets. Only Internet Explorer is known to process such malformed style sheets. (CVE-2006-0195) A bug was found in the way SquirrelMail processes a request to select an IMAP mailbox. If a user can be tricked into opening a carefully crafted URL, it is possible to execute arbitrary IMAP commands as the user viewing their mail with SquirrelMail. (CVE-2006-0377) Users of SquirrelMail are advised to upgrade to this updated package, which contains SquirrelMail version 1.4.6 and is not vulnerable to these issues. Solution : http://rhn.redhat.com/errata/RHSA-2006-0283.html Network Security Threat Level: High Networks Security ID: Vulnerability Assessment Copyright: This script is Copyright (C) 2006 Tenable Network Security |
||
Cables, Connectors |
Supermicro 4U 4x Nvidia GPU AI Server 3.8Ghz 8-Core 256GB 2x10G SFP+ 2x2200W
$3472.00
Supermicro 4U 4x Nvidia GPU AI Server 2.6Ghz 8-Core 256GB 2x10G SFP+ 2x2200W
$1382.00
Supermicro 4U 4x Nvidia GPU AI Server 3.6Ghz 8-Core 256GB 2x10G SFP+ 2x2200W
$1732.00
Intel - Core i9-13900K 13th Gen 24 cores 8 P-cores + 16 E-cores 36M Cache, 3 ...
$689.99
Intel - Core i7-13700K 13th Gen 16 cores 8 P-cores + 8 E-cores 30M Cache, 3.4...
$489.99
Dell OptiPlex 7060 Micro 8-Core i7 8700 3.20GHz 16GB 512GB SSD Win 11 Pro
$214.00
Apple Mac Pro Processor Tray 5,1 2010 2012 2.4ghz 8 core
$79.99
Intel - Core i9-12900K Desktop Processor 16 (8P+8E) Cores up to 5.2 GHz Unloc...
$619.99
Dell Optiplex 5060 SFF 8th Gen Core i7 3.2GHZ 16GB 512GB Win 11 Pro
$249.00
Lenovo Loq 15Irh8 15" Laptop Core i5-13420H GeForce RTX 2050 16GB 512GB SSD W11H
$499.99
|
||
No Discussions have been posted on this vulnerability. |