Red Hat Bugzilla – Bug 162275
CAN-2005-2095 squirrelmail cross site posting issue
Last modified: 2007-11-30 17:07:18 EST
A new vulnerability has been discovered in SquirrelMail. The file
src/options_identities.php contained some very bad, legacy code: an
extract($_POST) was done, effectively allowing a malicious attacker to
change session variables and even other people's preferences.
It must be noted that for this to happen you need to trick someone into
using an external form to post the information, which is not trivial.
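The pattern behind this report, as an added illustration that is not SquirrelMail's code: a handler that calls extract($_POST) lets any extra field in a posted form overwrite a variable the script trusted, while a handler that copies only the fields it expects does not. The variable and field names ($username, full_name) and the request body are constructed for the example.

```php
<?php
// Constructed example (not from SquirrelMail): the effect of extract($_POST)
// on a handler that already holds a trusted value. Names are hypothetical.

// Trusted state the script established before reading the form.
$username = 'alice';

// Constructed request body: the field the real form sends plus one extra
// field that a form on another site could add to the same POST.
$_POST = [
    'full_name' => 'Alice A.',
    'username'  => 'bob',
];

function vulnerable_update(array $post, string $username): array
{
    // extract() turns every key of $post into a local variable and, with the
    // default EXTR_OVERWRITE flag, silently replaces $username with the
    // value supplied by the request.
    extract($post);
    return ['username' => $username, 'full_name' => $full_name ?? ''];
}

function hardened_update(array $post, string $username): array
{
    // Only the fields this handler is designed to accept are read; any other
    // key in the request body is ignored, so $username keeps its trusted value.
    $allowed   = ['full_name'];
    $fields    = array_intersect_key($post, array_flip($allowed));
    $full_name = (string) ($fields['full_name'] ?? '');
    return ['username' => $username, 'full_name' => $full_name];
}

$v = vulnerable_update($_POST, $username);
$h = hardened_update($_POST, $username);

// The vulnerable handler would now save preferences under the submitted
// username; the hardened one still saves them for the session's user.
echo "vulnerable handler saves preferences for: {$v['username']}\n";
echo "hardened handler saves preferences for:   {$h['username']}\n";
```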
This issue also affects RHEL3.
Created attachment 116290
Proposed patch from upstream
Now public at http://www.squirrelmail.org/security/issue/2005-07-13
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.