Squirrelmail Remote Code Execution

Brought to you by: jangliss, jervfors, kink, pdontthink

#2839 Squirrelmail Remote Code Execution

Milestone: Can't Reproduce

Status: closed-fixed

Owner: Paul Lesniewski

Labels: None

Priority: 5

Updated: 2017-04-24

Created: 2017-04-24

Creator: Ilyas Bakirov

Private: No

Several author's of CVEs could not got in touch with Squirrelmail dev team, so here is information in case of dev could find CVE-2017-7692: Squirrelmail 1.4.22 Remote Code Execution: http://seclists.org/fulldisclosure/2017/Apr/81

Discussion

Paul Lesniewski - 2017-04-24

By several, you mean one. A fix has been added which will be available in our next daily release or immediately here:

https://sourceforge.net/p/squirrelmail/code/14649
https://sourceforge.net/p/squirrelmail/code/14650

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Paul Lesniewski - 2017-04-24

status: open --> closed-fixed

assigned_to: Paul Lesniewski
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Squirrelmail Remote Code Execution

Group

Searches

Help

#2839 Squirrelmail Remote Code Execution

Discussion