[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan

Launchpad Bug Tracker Wed, 07 Jul 2010 09:22:04 -0700

This bug was fixed in the package squirrelmail - 2:1.4.13-2ubuntu1.6

---------------
squirrelmail (2:1.4.13-2ubuntu1.6) hardy-security; urgency=low


  * SECURITY UPDATE: (LP: #598077)
  * The Mail Fetch plugin allows remote authenticated users to bypass firewall
    restrictions and use SquirrelMail as a proxy to scan internal networks via
    a modified POP3 port number.
    - http://squirrelmail.org/security/issue/2010-06-21
    - CVE-2010-1637
    - Patch taken from upstream svn rev. 13951. Applied inline.
 -- Andreas Wenning <[email protected]>   Thu, 24 Jun 2010 14:16:06 +0200

-- 
CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
https://bugs.launchpad.net/bugs/598077
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 598077] Re: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan

Reply via email to