ID de Prueba:	1.3.6.1.4.1.25623.1.0.11415
Categoría:	Web application abuses
Título:	SquirrelMail Cross-Site Scripting Vulnerability
Resumen:	The remote host seems to be vulnerable to a security problem in; SquirrelMail. Its script 'read_body.php' didn't filter out user input for; 'filter_dir' and 'mailbox', making an XSS attack possible.
Descripción:	Summary: The remote host seems to be vulnerable to a security problem in SquirrelMail. Its script 'read_body.php' didn't filter out user input for 'filter_dir' and 'mailbox', making an XSS attack possible. Solution: Upgrade to a newer version of this software CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2002-1276 BugTraq ID: 7019 http://www.securityfocus.com/bid/7019 Debian Security Information: DSA-191 (Google Search) http://www.debian.org/security/2002/dsa-191 http://www.redhat.com/support/errata/RHSA-2003-042.html http://secunia.com/advisories/8220 http://www.iss.net/security_center/static/10634.php Common Vulnerability Exposure (CVE) ID: CVE-2002-1341 BugTraq ID: 6302 http://www.securityfocus.com/bid/6302 Bugtraq: 20021203 Re: SquirrelMail v1.2.9 XSS bugs (Google Search) http://marc.info/?l=bugtraq&m=103911130503272&w=2 Bugtraq: 20021203 SquirrelMail v1.2.9 XSS bugs (Google Search) http://marc.info/?l=bugtraq&m=103893844126484&w=2 Bugtraq: 20021215 GLSA: squirrelmail (Google Search) http://marc.info/?l=bugtraq&m=104004924002662&w=2 Debian Security Information: DSA-220 (Google Search) http://www.debian.org/security/2002/dsa-220 http://f0kp.iplus.ru/bz/008.txt XForce ISS Database: squirrelmail-readbody-xss(10754) https://exchange.xforce.ibmcloud.com/vulnerabilities/10754
Copyright	Copyright (C) 2005 Xue Yong Zhi

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.