Published: 22/06/2010 Updated: 08/02/2024

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

The Mail Fetch plugin in SquirrelMail 1.4.20 and previous versions allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.

Vulnerable Product	Search on Vulmon	Subscribe to Product
squirrelmail squirrelmail
fedoraproject fedora 11
fedoraproject fedora 13
fedoraproject fedora 12
apple mac os x server
apple mac os x
redhat enterprise linux server 5.0
redhat enterprise linux workstation 5.0
redhat enterprise linux desktop 5.0

Synopsis Moderate: squirrelmail security update Type/Severity Security Advisory: Moderate Topic An updated squirrelmail package that fixes several security issues is nowavailable for Red Hat Enterprise Linux 4 and 5The Red Hat Security Response Team has rated this update as having moderatesecurity impact ...

Go package of CWE IDs and metadata

cwe Go package of CWE IDs and metadata The list is generated from a CSV from the Comprehensive CWE Dictionary Example Here's CWE-918: "CWE-918": { Name: "Server-Side Request Forgery (SSRF)", WeaknessAbstraction: "Base", Status: "Incomplete", Description: "The web server receives

CWE-918 http://squirrelmail.org/security/issue/2010-06-21 http://www.openwall.com/lists/oss-security/2010/05/25/9 http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/plugins/mail_fetch/functions.php?r1=13951&r2=13950&pathrev=13951 http://www.openwall.com/lists/oss-security/2010/06/21/1 http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/plugins/mail_fetch/options.php?r1=13951&r2=13950&pathrev=13951 http://www.openwall.com/lists/oss-security/2010/05/25/3 http://conference.hitb.org/hitbsecconf2010dxb/materials/D1%20-%20Laurent%20Oudot%20-%20Improving%20the%20Stealthiness%20of%20Web%20Hacking.pdf#page=69 http://www.securityfocus.com/bid/40291 http://secunia.com/advisories/40307 http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043239.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043261.html http://lists.fedoraproject.org/pipermail/package-announce/2010-June/043258.html http://www.securityfocus.com/bid/40307 http://www.mandriva.com/security/advisories?name=MDVSA-2010:120 http://www.vupen.com/english/advisories/2010/1554 http://www.vupen.com/english/advisories/2010/1535 http://www.vupen.com/english/advisories/2010/1536 http://support.apple.com/kb/HT5130 http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://rhn.redhat.com/errata/RHSA-2012-0103.html https://access.redhat.com/errata/RHSA-2012:0103 https://nvd.nist.gov https://github.com/Preetam/cwe

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-1637

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect