Test ID:	1.3.6.1.4.1.25623.1.0.54576
Category:	Gentoo Local Security Checks
Title:	Gentoo Security Advisory GLSA 200405-16 (SquirrelMail)
Summary:	The remote host is missing updates announced in;advisory GLSA 200405-16.
Description:	Summary: The remote host is missing updates announced in advisory GLSA 200405-16. Vulnerability Insight: SquirrelMail is subject to several XSS and one SQL injection vulnerability. Solution: All SquirrelMail users should upgrade to the latest stable version: # emerge sync # emerge -pv '>=net-mail/squirrelmail-1.4.3_rc1' # emerge '>=net-mail/squirrelmail-1.4.3_rc1' CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-0519 BugTraq ID: 10246 http://www.securityfocus.com/bid/10246 Bugtraq: 20040429 SquirrelMail Cross Scripting Attacks.... (Google Search) http://marc.info/?l=bugtraq&m=108334862800260 Bugtraq: 20040430 Re: SquirrelMail Cross Scripting Attacks.... (Google Search) http://www.securityfocus.com/archive/1/361857 Conectiva Linux advisory: CLA-2004:858 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858 Debian Security Information: DSA-535 (Google Search) http://www.debian.org/security/2004/dsa-535 http://www.securityfocus.com/advisories/6827 https://bugzilla.fedora.us/show_bug.cgi?id=1733 http://security.gentoo.org/glsa/glsa-200405-16.xml https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10274 RedHat Security Advisories: RHSA-2004:240 http://rhn.redhat.com/errata/RHSA-2004-240.html http://secunia.com/advisories/11531 http://secunia.com/advisories/11686 http://secunia.com/advisories/11870 http://secunia.com/advisories/12289 SGI Security Advisory: 20040604-01-U ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc SuSE Security Announcement: SUSE-SR:2005:019 (Google Search) http://www.novell.com/linux/security/advisories/2005_19_sr.html XForce ISS Database: squirrel-composephp-xss(16025) https://exchange.xforce.ibmcloud.com/vulnerabilities/16025 Common Vulnerability Exposure (CVE) ID: CVE-2004-0521 http://www.securityfocus.com/advisories/7148 BugTraq ID: 10397 http://www.securityfocus.com/bid/10397 Computer Incident Advisory Center Bulletin: O-212 http://www.ciac.org/ciac/bulletins/o-212.shtml http://marc.info/?l=squirrelmail-cvs&m=108309375029888 http://marc.info/?l=squirrelmail-cvs&m=108532891231712 http://www.osvdb.org/6841 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1033 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11446 http://secunia.com/advisories/11685 XForce ISS Database: squirrelmail-sql-injection(16235) https://exchange.xforce.ibmcloud.com/vulnerabilities/16235
Copyright	Copyright (C) 2008 E-Soft Inc.

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.