SquirrelMail是一款基于PHP的WEB MAIL服务程序。
SquirrelMail不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞获得敏感信息或覆盖系统文件。
验证用户可以使用compose.php脚本覆盖随计变量,可能导致读取或覆盖用户参考文件或附件。
SquirrelMail SquirrelMail 1.4.7
SquirrelMail SquirrelMail 1.4.6 -rc1
SquirrelMail SquirrelMail 1.4.6 -cvs
SquirrelMail SquirrelMail 1.4.6
SquirrelMail SquirrelMail 1.4.4 RC1
SquirrelMail SquirrelMail 1.4.4
+ Debian Linux 3.1 sparc
+ Debian Linux 3.1 s/390
+ Debian Linux 3.1 ppc
+ Debian Linux 3.1 mipsel
+ Debian Linux 3.1 mips
+ Debian Linux 3.1 m68k
+ Debian Linux 3.1 ia-64
+ Debian Linux 3.1 ia-32
+ Debian Linux 3.1 hppa
+ Debian Linux 3.1 arm
+ Debian Linux 3.1 alpha
+ Debian Linux 3.1
+ Gentoo Linux
SquirrelMail SquirrelMail 1.4.3 RC1
SquirrelMail SquirrelMail 1.4.3 r3
+ Gentoo Linux
SquirrelMail SquirrelMail 1.4.3 a
+ Conectiva Linux 9.0
+ RedHat Fedora Core3
SquirrelMail SquirrelMail 1.4.3
SquirrelMail SquirrelMail 1.4.3
SquirrelMail SquirrelMail 1.4.2
+ MandrakeSoft Corporate Server 3.0 x86_64
+ MandrakeSoft Corporate Server 3.0
+ RedHat Fedora Core2
SquirrelMail SquirrelMail 1.4.1
SquirrelMail SquirrelMail 1.4 RC1
SquirrelMail SquirrelMail 1.4
rPath rPath Linux 1
<a href="http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-minimal.patch" target="_blank">http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-minimal.patch</a>
<a href="http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patch" target="_blank">http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patch</a>
京公网安备 11010502034610号
暂无评论