SquirrelMail 1.2.11 – Multiple Vulnerabilities

SquirrelMail 1.2.11 – Multiple Vulnerabilities

漏洞ID 1053966 漏洞类型
发布时间 2003-06-17 更新时间 2003-06-17
图片[1]-SquirrelMail 1.2.11 – Multiple Vulnerabilities-安全小百科CVE编号 N/A
图片[2]-SquirrelMail 1.2.11 – Multiple Vulnerabilities-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22793
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/7952/info
  
Multiple vulnerabilities have been reported for Squirrelmail which could allow for information disclosure, data corruption, and privilege escalation.
  
The problems appear to occur due to insufficient sanitization of URI parameters submitted within HTTP requests.
  
*** It has been discovered that all information disclosure and data corruption issues are in fact not vulnerabilities. The issue lies in the default IMAP configuration, allowing a remote authenticated user to specify their local mailbox file. This behaviour is clearly specified in the IMAP FAQ.
  
All actions carried out by an authenticated user are done with their own local system privileges, effectively having no affect on the system. This information has been confirmed by the vendor.
  
It should also be noted that the vendor has announced that the privilege elevation issue is indeed legitimate. In the future this BID will be re-used to cover that vulnerability alone. 


File disclosure:
http://www.example.com/src/read_body.php?mailbox=/etc/passwd&passed_id=1&

File deletion:
http://www.example.com/src/delete_message.php?mailbox=[filehere]&message=1


File download:
http://www.example.com/src/download.php?absolute_dl=true&passed_id=1&passed_ent_id=1&mailbox=/etc/passwd

相关推荐: FreeBSD catopen()函数缓冲区溢出漏洞

FreeBSD catopen()函数缓冲区溢出漏洞 漏洞ID 1206203 漏洞类型 缓冲区溢出 发布时间 2000-12-11 更新时间 2000-12-11 CVE编号 CVE-2000-1011 CNNVD-ID CNNVD-200012-027 漏…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享