Vulnerability Name:

CVE-2005-2095 (CCN-21359)

Assigned:2005-07-13
Published:2005-07-13
Updated:2017-10-11
Summary:options_identities.php in SquirrelMail 1.4.4 and earlier uses the extract function to process the $_POST variable, which allows remote attackers to modify or read the preferences of other users, conduct cross-site scripting (XSS) attacks, and write arbitrary files.
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity:4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Gain Access
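The summary above names the bug class: a script that calls extract() on $_POST lets the client overwrite any local variable set earlier in the request. The block below is an added PHP illustration of that pattern beside an explicit-field alternative; it is not SquirrelMail's code, and the variable names ($prefs_file, $data_dir) and form field names are hypothetical stand-ins.

```php
<?php
// Added illustration of the extract()-on-$_POST bug class behind CVE-2005-2095.
// Variable and field names are hypothetical, not SquirrelMail's actual code.

function load_identities_vulnerable(array $post, string $username, string $data_dir): array
{
    // Trusted value derived from the authenticated session before the body is read.
    $prefs_file = $data_dir . '/' . $username . '.pref';

    // The vulnerable pattern: every POST key becomes a local variable, including
    // $username, $data_dir and $prefs_file, so a client that sends a field named
    // prefs_file now chooses which file the rest of the script reads or writes.
    extract($post);

    return ['prefs_file' => $prefs_file, 'username' => $username];
}

function load_identities_fixed(array $post, string $username, string $data_dir): array
{
    $prefs_file = $data_dir . '/' . $username . '.pref';

    // Hardened form: only the fields the form is expected to send are copied,
    // into an array rather than into the local symbol table, after a type check.
    // No other key in $post can reach a variable the script relies on.
    $allowed = ['full_name', 'email_address', 'reply_to'];
    $fields = [];
    foreach ($allowed as $key) {
        if (isset($post[$key]) && is_string($post[$key])) {
            $fields[$key] = $post[$key];
        }
    }

    return ['prefs_file' => $prefs_file, 'username' => $username, 'fields' => $fields];
}

// Constructed request body: one legitimate form field plus a poisoned key that
// collides with a variable the script already trusts.
$request = [
    'full_name'  => 'Alice',
    'prefs_file' => '/var/www/html/attacker.php',
];

$v = load_identities_vulnerable($request, 'alice', '/var/lib/webmail/prefs');
$f = load_identities_fixed($request, 'alice', '/var/lib/webmail/prefs');

// The vulnerable path reports the client-supplied filename; the fixed path keeps
// the session-derived one.
printf("vulnerable: prefs_file = %s\n", $v['prefs_file']);
printf("fixed:      prefs_file = %s\n", $f['prefs_file']);
```

Run it with the php command-line interpreter. extract($post, EXTR_SKIP) would stop the overwrite of variables that already exist, but it still lets the client define any new variable name that later code reads unset, so copying the expected fields explicitly is the safer fix; the project's own correction shipped in SquirrelMail 1.4.5 and as the sqm-144-xss.patch listed in the references below.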
References:Source: CCN
Type: BugTraq Mailing List, Wed Jul 13 2005 - 14:12:31 CDT
[SM-ANNOUNCE] SquirrelMail 1.4.5 Released

Source: MITRE
Type: CNA
CVE-2005-2095

Source: APPLE
Type: UNKNOWN
APPLE-SA-2005-08-17

Source: APPLE
Type: UNKNOWN
APPLE-SA-2005-08-15

Source: CCN
Type: SourceForge.net
sqm-144-xss.patch

Source: CCN
Type: RHSA-2005-595
squirrelmail security update

Source: CCN
Type: CIAC Information Bulletin P-276
Apple Security Update 2005-007

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-756

Source: DEBIAN
Type: DSA-756
squirrelmail -- several vulnerabilities

Source: MISC
Type: UNKNOWN
http://www.gulftech.org/?node=research&article_id=00090-07142005

Source: SUSE
Type: UNKNOWN
SUSE-SR:2005:018

Source: REDHAT
Type: UNKNOWN
RHSA-2005:595

Source: BUGTRAQ
Type: UNKNOWN
20050714 [SM-ANNOUNCE] Patch available for CAN-2005-2095

Source: BUGTRAQ
Type: UNKNOWN
20050714 SquirrelMail Arbitrary Variable Overwriting Vulnerability

Source: BID
Type: UNKNOWN
14254

Source: CCN
Type: BID-14254
SquirrelMail Variable Handling Vulnerability

Source: CCN
Type: BID-14567
Apple Mac OS X Multiple Vulnerabilities

Source: CCN
Type: SquirrelMail Web site
ANNOUNCE: SquirrelMail 1.4.5-RC1 Released

Source: CONFIRM
Type: UNKNOWN
http://www.squirrelmail.org/security/issue/2005-07-13

Source: CCN
Type: SquirrelMail Security 2005-07-13
$_POST variable handling in options_identites allows for different attacks

Source: FEDORA
Type: UNKNOWN
FLSA:163047

Source: XF
Type: UNKNOWN
squirrelmail-set-post-variable(21359)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:10500

Source: SUSE
Type: SUSE-SR:2005:018
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:squirrelmail:squirrelmail:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*
  • OR cpe:/a:squirrelmail:squirrelmail:1.44:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:*:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition ID | Class | Title | Last Modified
    oval:org.opensuse.security:def:20052095 | V | CVE-2005-2095 | 2015-11-16
    oval:org.mitre.oval:def:10500 | V | options_identities.php in SquirrelMail 1.4.4 and earlier uses the extract function to process the $_POST variable, which allows remote attackers to modify or read the preferences of other users, conduct cross-site scripting (XSS) attacks, and write arbitrary files. | 2013-04-29
    oval:com.redhat.rhsa:def:20050595 | P | RHSA-2005:595: squirrelmail security update (Moderate) | 2005-08-05
    oval:org.debian:def:756 | V | several vulnerabilities | 2005-07-13