Описание
ELSA-2009-1066: squirrelmail security update (IMPORTANT)
[1.4.8-5.0.1.el5_3.7]
- Remove Redhat splash screen images
[1.4.8-5.7]
- fix broken patch for CVE-2009-1579
[1.4.8-5.6]
- fix broken patch for CVE-2009-1579
[1.4.8-5.5]
- don't ship patch backup files
[1.4.8-5.4]
- fix: CVE-2009-1581 : CSS positioning vulnerability
- fix: CVE-2009-1579 : Server-side code injection in map_yp_alias username map
- fix: CVE-2009-1578 : Multiple cross site scripting issues
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
squirrelmail
1.4.8-5.0.1.el5_3.7
Oracle Linux x86_64
squirrelmail
1.4.8-5.0.1.el5_3.7
Oracle Linux i386
squirrelmail
1.4.8-5.0.1.el5_3.7
Связанные CVE
Связанные уязвимости
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.
The map_yp_alias function in functions/imap_general.php in SquirrelMai ...
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.