Oval Definition:oval:com.redhat.rhsa:def:20060668
Revision Date:2006-09-26Version:642
Title:RHSA-2006:0668: squirrelmail security update (Moderate)
Description:SquirrelMail is a standards-based webmail package written in PHP.

  • A dynamic variable evaluation flaw was found in SquirrelMail. Users who have an account on a SquirrelMail server and are logged in could use this flaw to overwrite variables which may allow them to read or write other users' preferences or attachments. (CVE-2006-4019)

    Users of SquirrelMail should upgrade to this erratum package, which contains SquirrelMail 1.4.8 to correct this issue. This package also contains a number of additional patches to correct various bugs.

    Note: After installing this update, users are advised to restart their httpd service to ensure that the new version functions correctly.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2006-4019
    RHSA-2006:0668
    RHSA-2006:0668-01
    RHSA-2006:0668-01
    Platform(s):Red Hat Enterprise Linux 3
    Red Hat Enterprise Linux 4
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND squirrelmail is earlier than 0:1.4.8-2.el3
  • AND squirrelmail is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND squirrelmail is earlier than 0:1.4.8-2.el4
  • AND squirrelmail is signed with Red Hat master key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND squirrelmail is earlier than 0:1.4.8-2.el4
  • AND squirrelmail is signed with Red Hat redhatrelease2 key
    • BACK