CVE-2006-2842

Successful exploitation requires that "register_globals" is enabled and "magic_quotes_gpc" is disabled.

** DISPUTED ** PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by third parties, who state that SquirrelMail provides prominent warnings to the administrator when register_globals is enabled. Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE. However, the original developer has posted a security advisory, so there might be relevant real-world environments under which this vulnerability is applicable.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported: 2006-06-06 20:06:00

Last updated: 2018-10-18 16:43:00

Affected Software

SquirrelMail 1.0.4
SquirrelMail 1.0.5
SquirrelMail 1.2.0
SquirrelMail 1.2.1
SquirrelMail 1.2.2
SquirrelMail 1.2.3
SquirrelMail 1.2.4
SquirrelMail 1.2.5
SquirrelMail 1.2.6
SquirrelMail 1.2.7
SquirrelMail 1.2.8
SquirrelMail 1.2.9
SquirrelMail 1.2.10
SquirrelMail 1.2.11
SquirrelMail 1.4.0
SquirrelMail 1.4.1
SquirrelMail 1.4.2

SquirrelMail
