[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan

Launchpad Bug Tracker Wed, 07 Jul 2010 09:21:54 -0700

This bug was fixed in the package squirrelmail - 2:1.4.15-4ubuntu0.4

---------------
squirrelmail (2:1.4.15-4ubuntu0.4) jaunty-security; urgency=low


  * SECURITY UPDATE: (LP: #598077)
  * The Mail Fetch plugin allows remote authenticated users to bypass firewall
    restrictions and use SquirrelMail as a proxy to scan internal networks via
    a modified POP3 port number.
    - http://squirrelmail.org/security/issue/2010-06-21
    - CVE-2010-1637
    - Patch taken from upstream svn rev. 13951. Applied inline.
 -- Andreas Wenning <a...@awen.dk>   Thu, 24 Jun 2010 14:16:52 +0200

** Changed in: squirrelmail (Ubuntu Hardy)
       Status: Fix Committed => Fix Released

-- 
CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
https://bugs.launchpad.net/bugs/598077
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan

Reply via email to