SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (E-mail Server)  >   SquirrelMail Vendors:   SquirrelMail Development Team
SquirrelMail on Red Hat Uses Fixed Session ID Values
SecurityTracker Alert ID:  1021611
SecurityTracker URL:  http://securitytracker.com/id/1021611
CVE Reference:   CVE-2009-0030   (Links to External Site)
Date:  Jan 19 2009
Impact:   Disclosure of user information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  Exploit Included:  Yes  

Description:   A vulnerability was reported in SquirrelMail. A remote authenticated user can hijack user sessions.

The version issued with Red Hat Security Advisory RHSA-2009:0010 contains a session handling flaw. When a remote authenticated user logs out and then logs in without restarting their web browser, the system will issue a fixed session ID. As a result, the remote authenticated user can highjack user sessions.

Impact:   A remote authenticated user can hijack user sessions.
Solution:   Red Hat has issued a fix.

The Red Hat advisory is available at:

https://rhn.redhat.com/errata/RHSA-2009-0057.html

Vendor URL:  rhn.redhat.com/errata/RHSA-2009-0057.html (Links to External Site)
Cause:   Authentication error
Underlying OS:   Linux (Red Hat Enterprise)

Message History:   None.


 Source Message Contents

Date:  Mon, 19 Jan 2009 16:21:46 -0500
Subject:  [RHSA-2009:0057-01] Important: squirrelmail security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Important: squirrelmail security update
Advisory ID:       RHSA-2009:0057-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-0057.html
Issue date:        2009-01-19
CVE Names:         CVE-2009-0030 
=====================================================================

1. Summary:

An updated squirrelmail package that fixes a security issue is now
available for Red Hat Enterprise Linux 3, 4 and 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - noarch
Red Hat Desktop version 3 - noarch
Red Hat Enterprise Linux ES version 3 - noarch
Red Hat Enterprise Linux WS version 3 - noarch
Red Hat Enterprise Linux AS version 4 - noarch
Red Hat Enterprise Linux Desktop version 4 - noarch
Red Hat Enterprise Linux ES version 4 - noarch
Red Hat Enterprise Linux WS version 4 - noarch
RHEL Desktop Workstation (v. 5 client) - noarch
Red Hat Enterprise Linux (v. 5 server) - noarch

3. Description:

SquirrelMail is an easy-to-configure, standards-based, webmail package
written in PHP. It includes built-in PHP support for the IMAP and SMTP
protocols, and pure HTML 4.0 page-rendering (with no JavaScript required)
for maximum browser-compatibility, strong MIME support, address books, and
folder manipulation.

The Red Hat SquirrelMail packages provided by the RHSA-2009:0010 advisory
introduced a session handling flaw. Users who logged back into SquirrelMail
without restarting their web browsers were assigned fixed session
identifiers. A remote attacker could make use of that flaw to hijack user
sessions. (CVE-2009-0030)

SquirrelMail users should upgrade to this updated package, which contains a
patch to correct this issue. As well, all users who used affected versions
of SquirrelMail should review their preferences.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network.  Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

480224 - Squirrelmail session management broken by security backport
480488 - CVE-2009-0030 squirrelmail: session management flaw

6. Package List:

Red Hat Enterprise Linux AS version 3:

Source:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/squirrelmail-1.4.8-9.el3.src.rpm

noarch:
squirrelmail-1.4.8-9.el3.noarch.rpm

Red Hat Desktop version 3:

Source:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/squirrelmail-1.4.8-9.el3.src.rpm

noarch:
squirrelmail-1.4.8-9.el3.noarch.rpm

Red Hat Enterprise Linux ES version 3:

Source:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/squirrelmail-1.4.8-9.el3.src.rpm

noarch:
squirrelmail-1.4.8-9.el3.noarch.rpm

Red Hat Enterprise Linux WS version 3:

Source:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/squirrelmail-1.4.8-9.el3.src.rpm

noarch:
squirrelmail-1.4.8-9.el3.noarch.rpm

Red Hat Enterprise Linux AS version 4:

Source:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/squirrelmail-1.4.8-5.el4_7.3.src.rpm

noarch:
squirrelmail-1.4.8-5.el4_7.3.noarch.rpm

Red Hat Enterprise Linux Desktop version 4:

Source:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/squirrelmail-1.4.8-5.el4_7.3.src.rpm

noarch:
squirrelmail-1.4.8-5.el4_7.3.noarch.rpm

Red Hat Enterprise Linux ES version 4:

Source:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/squirrelmail-1.4.8-5.el4_7.3.src.rpm

noarch:
squirrelmail-1.4.8-5.el4_7.3.noarch.rpm

Red Hat Enterprise Linux WS version 4:

Source:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/squirrelmail-1.4.8-5.el4_7.3.src.rpm

noarch:
squirrelmail-1.4.8-5.el4_7.3.noarch.rpm

RHEL Desktop Workstation (v. 5 client):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/squirrelmail-1.4.8-5.el5_2.3.src.rpm

noarch:
squirrelmail-1.4.8-5.el5_2.3.noarch.rpm

Red Hat Enterprise Linux (v. 5 server):

Source:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/squirrelmail-1.4.8-5.el5_2.3.src.rpm

noarch:
squirrelmail-1.4.8-5.el5_2.3.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0030
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2009 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFJdO7NXlSAg2UNWIIRAgXeAJ447LxWcontLbAx+EEHZ5eagSvCHwCfQyk2
WRZhdlyvSOppFGTSThKLHpw=
=7fXJ
-----END PGP SIGNATURE-----


-- 
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC