oss-sec mailing list archives
Re: CVE Request for Horde and Squirrelmail
From: "Thijs Kinkhorst" <thijs () debian org>
Date: Fri, 21 May 2010 10:44:27 +0200
Hi Max,

On Thu, May 20, 2010 15:04, Max Olsterd wrote:

> Hi,
>
> Is there a CVE number available for the two 0-days exposed during Hack In The Box Dubai 2010?
>
> More info available on the slides of the corporate hackers who found the 0-days: http://conference.hitb.org/hitbsecconf2010dxb/materials/D1%20-%20Laurent%20Oudot%20-%20Improving%20the%20Stealthiness%20of%20Web%20Hacking.pdf
>
> -> Squirrelmail: page 69 (post auth vuln)
I don't think there's a CVE number available for the SquirrelMail "issue", but I also highly doubt that it's actually a vulnerability.

What they basically assert is that, as an authenticated user using the POP3 fetch mail plugin, you could repeatedly change the POP3 server settings and as such could 'portscan' a remote target.

This seems just as much a vulnerability as that you could use telnet, or fetchmail, or Thunderbird, as a 'portscanner', as these all have the option to change a remote server address at will. Or that having a shell account on a system is a security vulnerability, as you would be able to write a bash script to repeatedly netcat to remote hosts. I don't buy this.

Note that you need to be an authenticated user to do this.

Cheers,
Thijs
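To make the mechanism under discussion concrete, here is an added example (written for this page; it is not SquirrelMail's or the plugin's code, and it does not reproduce anything from the HITB slides). It models a generic "fetch mail from host:port" feature that reports distinguishable outcomes for refused, timed-out and answered connections, which is exactly what turns such a feature into a port-scan oracle for whoever may change the target, and shows the obvious hardening: only let the feature connect to an administrator-configured allowlist of mail servers. The names `fetch_probe`, `scan`, `is_allowed_target` and the local demo server are all assumptions of this example; the demo runs entirely against 127.0.0.1.

```python
"""Mail-fetch feature as a TCP port-scan oracle, plus a destination allowlist.

Hypothetical illustration for the oss-sec thread above; not SquirrelMail code.
"""
import socket
import threading


def fetch_probe(host, port, timeout=1.0):
    """Attempt a POP3-style connection the way a fetch-mail feature would.

    Returns "open" (TCP connect succeeded, banner or not), "closed"
    (RST / connection refused) or "filtered" (timeout or other network error).
    Surfacing these three states to the user is what makes the feature a scanner.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                s.recv(64)  # a real POP3 server greets with "+OK ..."; we ignore content
            except socket.timeout:
                pass  # open but silent: still "open" from the scanner's point of view
            return "open"
    except ConnectionRefusedError:
        return "closed"
    except (socket.timeout, OSError):
        return "filtered"


def scan(host, ports):
    """Repeatedly 'change the POP3 server setting' and collect the results."""
    return {p: fetch_probe(host, p) for p in ports}


def is_allowed_target(host, port, allowlist):
    """Hardened behaviour: the user may pick only from a configured set of
    (host, port) pairs, so the feature can no longer be pointed at arbitrary hosts.
    """
    return (host, port) in allowlist


def _demo_pop3_server():
    """Constructed local stand-in for a POP3 server: sends one banner, then closes."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        conn.sendall(b"+OK demo POP3 ready\r\n")
        conn.close()
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def demo():
    """Scan one listening and one closed loopback port; returns their states."""
    open_port = _demo_pop3_server()
    # Obtain a port that is certainly closed: bind an ephemeral one and release it.
    tmp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tmp.bind(("127.0.0.1", 0))
    closed_port = tmp.getsockname()[1]
    tmp.close()
    results = scan("127.0.0.1", [open_port, closed_port])
    return results[open_port], results[closed_port]


if __name__ == "__main__":
    print(demo())  # ('open', 'closed')
    allow = {("pop.example.com", 110), ("pop.example.com", 995)}
    print(is_allowed_target("pop.example.com", 110, allow))  # True
    print(is_allowed_target("10.0.0.5", 22, allow))           # False
```

Whether this deserves a CVE is the question the thread argues about; the code only shows that the capability exists wherever a server-side component connects to a user-chosen address and echoes the result, and that an allowlist (or at minimum refusing private/loopback ranges and non-mail ports) removes it.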
Current thread:
- CVE Request for Horde and Squirrelmail Max Olsterd (May 20)
- Re: [core] CVE Request for Horde and Squirrelmail Marcus I. Ryan (May 20)
- Re: CVE Request for Horde and Squirrelmail Thijs Kinkhorst (May 21)
- Re: CVE Request for Horde and Squirrelmail Max Olsterd (May 22)
- Re: CVE Request for Horde and Squirrelmail Thijs Kinkhorst (May 23)
- Re: CVE Request for Horde and Squirrelmail Nicob (May 24)
- Re: [SquirrelMail-Security] [oss-security] CVE Request for Horde and Squirrelmail Paul Lesniewski (May 25)
- Re: CVE Request for Horde and Squirrelmail Max Olsterd (May 22)
- Re: [core] CVE Request for Horde and Squirrelmail Michael M Slusarz (May 24)
- Re: CVE Request for Horde and Squirrelmail Josh Bressers (May 25)
- Re: CVE Request for Horde and Squirrelmail Steven M. Christey (May 25)
- Re: [SquirrelMail-Security] [oss-security] CVE Request for Horde and Squirrelmail Paul Lesniewski (Jun 21)