Oval Definition:oval:org.mitre.oval:def:1033
Revision Date:2010-09-20Version:6
Title:SquirrelMail SQL Injection Vulnerability
Description:SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2004-0521
Platform(s):Red Hat Enterprise Linux 3
Product(s):SquirrelMail
Definition Synopsis
  • Software section
  • Red Hat Enterprise 3 is installed
  • AND squirrelmail rpm version prior to 1.4.3-0.e3.1 is installed
  • AND php rpm is installed
  • AND Configuration section
  • httpd is listening on the network
  • AND /etc/httpd/modules/libphp4.so exists
    • BACK