Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses : XSS --> Category: infos

SquirrelMail From Email header HTML injection vulnerability Vulnerability Scan

Vulnerability Scan Summary
Check Squirrelmail for HTML injection vulnerability

Detailed Explanation for this Vulnerability Test

The target is running at least one instance of SquirrelMail whose
version number is between 1.2.0 and 1.2.10 inclusive. Such versions do
not properly sanitize From headers, leaving users vulnerable to XSS
attacks. Further, since SquirrelMail displays From headers when listing
a folder, attacks does not require a user to actually open a message,
only view the folder listing.

For example, a remote attacker could effectively launch a DoS against
a user by sending a message with a From header such as :

From:John Doe<>

which rewrites the session ID cookie and effectively logs the user

***** Nessus has acertaind the vulnerability exists on the target
***** simply by looking at the version number(s) of Squirrelmail
***** installed there.

Solution : Upgrade to SquirrelMail 1.2.11 or later or wrap the call to
sqimap_find_displayable_name in printMessageInfo in
functions/mailbox_display.php with a call to htmlentities.

Threat Level: Medium

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.