Package: squirrelmail Version: 2:1.4.4-8 There is a local file include vulnerability in redirect.php (information disclosure).
For more information see: http://www.securityfocus.com/bid/18231 Example URI: http://www.example.com/[squirrelmail dir]/src/redirect.php?plugins[]=../../../../etc/passwd%00 -- Oliver Paulus OpenPGP Key id: 28D9C44F Fingerprint: EADA 62FC 07DC 3361 A3D6 4174 2DE3 C027 28D9 C44F Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x28D9C44F
pgpjlWgd7fY8d.pgp
Description: Digitale PGP-Unterschrift
