|
Family: CGI abuses --> Category: infos
SquirrelMail's Multiple Flaws Vulnerability Scan
Vulnerability Scan Summary Determine if squirrelmail reads arbitrary files
Detailed Explanation for this Vulnerability Test
The remote host is running SquirrelMail, a web-based mail server.
There is a flaw in the remote installation which may allow an
attacker with a valid webmail account to read, move and delete arbitrary
files on this server, with the rights of the HTTP server.
Solution : Upgrade to SquirrelMail 1.2.12 when it is available
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|