Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: CGI abuses : XSS --> Category: infos

SquirrelMail XSS and Local Privilege Escalation Vulnerability Scan


Vulnerability Scan Summary
SquirrelMail XSS and Local escalation

Detailed Explanation for this Vulnerability Test

The remote host is running SquirrelMail, a web-based mail server.

There are several flaws in all versions less than 1.4.3 and development
versions 1.5.0 and 1.5.1 which allow for local root access and remote
Cross-Site-Scripting (XSS) attacks.

***** Nessus has acertaind the vulnerability exists on the target
***** simply by looking at the version number of Squirrelmail
***** installed there.

Solution : Upgrade to SquirrelMail 1.4.3 or greater.

Threat Level: Medium

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.