[CVE-2006-4019] squirrelmail -- variable overwriting
Bug #57195 reported by
Christoph Sander
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| squirrelmail (Debian) |
Fix Released
|
Unknown
|
|||
| squirrelmail (Ubuntu) |
Fix Released
|
High
|
MOTU | ||
| Breezy |
Invalid
|
Undecided
|
Unassigned | ||
| Dapper |
Fix Released
|
Undecided
|
Leonel Erlichman | ||
Bug Description
Binary package hint: squirrelmail
According to the [CVE-2006-4019] the squirrelmail package in ubuntu 6.06 LTS is vulnerable to a security hole, where an authenticated user could overwrite random variables in the compose script.
CVE References
Revision history for this message
| Martin Pitt (pitti) wrote | #1 |
| Changed in squirrelmail: | |
| assignee: | nobody → motu |
| importance: | Untriaged → High |
| status: | Unconfirmed → Confirmed |
| Changed in squirrelmail: | |
| status: | Unknown → Fix Released |
| Changed in squirrelmail: | |
| status: | Confirmed → Fix Released |
| Changed in squirrelmail: | |
| status: | Unconfirmed → Confirmed |
| status: | Unconfirmed → Confirmed |
Revision history for this message
| Marco Rodrigues (gothicx) wrote | #2 |
| Changed in squirrelmail: | |
| status: | Confirmed → Rejected |
Revision history for this message
| Kees Cook (kees) wrote | #3 |
| Changed in squirrelmail: | |
| assignee: | nobody → leonel |
| status: | Confirmed → Fix Released |
To post a comment you must log in.
universe package