[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan

Launchpad Bug Tracker Thu, 24 Jun 2010 05:56:07 -0700

This bug was fixed in the package squirrelmail - 2:1.4.20-1ubuntu1

---------------
squirrelmail (2:1.4.20-1ubuntu1) maverick; urgency=low


  * SECURITY UPDATE: (LP: #598077)
  * The Mail Fetch plugin allows remote authenticated users to bypass firewall
    restrictions and use SquirrelMail as a proxy to scan internal networks via
    a modified POP3 port number.
    - http://squirrelmail.org/security/issue/2010-06-21
    - CVE-2010-1637
    - Patch taken from upstream svn rev. 13951. Applied inline.
 -- Andreas Wenning <a...@awen.dk>   Thu, 24 Jun 2010 14:19:29 +0200

** Changed in: squirrelmail (Ubuntu Maverick)
       Status: In Progress => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-1637

-- 
CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
https://bugs.launchpad.net/bugs/598077
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan

Reply via email to