PDA

View Full Version : Security prroblem



IPaddress
05-13-2004, 08:05 AM
SquirrelMail Folder Name Cross-Site Scripting Vulnerability
BugTraq ID: 10246
Remote: Yes
Date Published: Apr 30 2004
Relevant URL: http://www.securityfocus.com/bid/10246
Summary:
It has been reported that SquirrelMail is affected by a cross-site scripting
vulnerability in the handling of folder name displays. This issue is due to a
failure of the application to properly sanitize user-supplied input prior to
including it in dynamic web content.

This issue may allow for theft of cookie-based authentication credentials.
Other attacks are also possible.

------------------------------------------------------------------------------------
ProFTPD CIDR Access Control Rule Bypass Vulnerability
BugTraq ID: 10252
Remote: Yes
Date Published: Apr 30 2004
Relevant URL: http://www.securityfocus.com/bid/10252
Summary:
ProFTPD has been reported prone to an access control rule bypass vulnerability.
The issue was reportedly introduced when a "portability workaround" was applied
to ProFTPD version 1.2.9.

This vulnerability may lead a system administrator into a false sense of
security, where it is believed that access to the ProFTPD server is restricted
by access control rules. In reality the access control restriction will not be
enforced at all.
------------------------------------------------------------------------------------

Exim Sender Verification Remote Stack Buffer Overrun Vulnera...
BugTraq ID: 10290
Remote: Yes
Date Published: May 06 2004
Relevant URL: http://www.securityfocus.com/bid/10290
Summary:
Exim has been reported prone to a remotely exploitable stack-based buffer
overrun vulnerability.

This is exposed if sender verification has been enabled in the agent and may be
triggered by a malicious e-mail. Exploitation may permit execution of arbitrary
code in the content of the mail transfer agent.

This issue is reported in exist in Exim 3.35. Earlier versions may also be
affected.

It should be noted that the vulnerable functionality is not enabled in the
default install, though some Linux/Unix distributions that ship the software may
enable it.
------------------------------------------------------------------------------------
Exim Header Syntax Checking Remote Stack Buffer Overrun Vuln...
BugTraq ID: 10291
Remote: Yes
Date Published: May 06 2004
Relevant URL: http://www.securityfocus.com/bid/10291
Summary:
Exim is reportedly prone to a remotely exploitable stack-based buffer overrun
vulnerability.

This issue is exposed if header syntax checking has been enabled in the agent
and may be triggered by a malicious e-mail. Though not confirmed to be
exploitable, if this condition were to be exploited, it would result in
execution of arbitrary code in the context of the mail transfer agent.
Otherwise, the agent would crash when handling malformed syntax in an e-mail
message.

The issue is reported to exist in both Exim 3.35 and 4.32, though the vulnerable
code exists in different source files in each of these versions.

It should be noted that the vulnerable functionality is not enabled in the
default install, though some Linux/Unix distributions that ship the software may
enable it.
-----------------------------------------------------------------------------------
Maybe you need update your soft..

Bye
IPaddress

ProWebUK
05-13-2004, 09:12 AM
Exim 4.32 RPMs are in this forum section, will get some squirrelmail RPMs made today aswell :) (aswell as put the DA exim conf in with the exim rpms!)

Chris

lesmak
05-14-2004, 07:23 PM
ProWebUK, are there any updates that comming soon for freebsd ?

nobaloney
05-15-2004, 03:27 PM
[QUOTE]Originally posted by ProWebUK
aswell as put the DA exim conf in with the exim rpms!/QUOTE]
Chris,

My spamblocking exim.conf file is now finished; I'm testing it for a few hours on my server before offering it to the list.

You might want to take a look at it.

Contact me via email if you'd like me to send it to you now.

Everyone else, don't ask... I still want to test it a few more hours.

Jeff