
Re: [Erlug] Squirrelmail e charset

To: erlug@xxxxxxxxxxxxxx
Subject: Re: [Erlug] Squirrelmail e charset
From: dariondol <dario@xxxxxxxxxxxxxxxxx>
Date: Tue, 2 Apr 2002 14:51:39 +0200
On Tue, Apr 02, 2002 at 02:45:07PM +0200, Michele Finelli wrote:
> * Alessandro Forghieri (alf@xxxxxxxx) [020402 14:16]:
> > 
> > P.S. Anyone who still believes that computers are an example of progress should consider
> > the above: computer science is the science in which nobody manages to understand that
> > iso_8859_1 and iso-8859-1 are the same thing. Depressing.
> >
> 
> BTW, computer science is also the science that reminds you that a
> SquirrelMail bug was reported a few days ago; you can find the references on
> bugtraq, I don't have the mail at hand.
> 

Forwarding from bugtraq:
_____________________________________________________________________________
On Wed, 2002-03-27 at 20:16, pokleyzz sakamaniaka wrote:
> email user can append the $THEME variable through cookies

This is very obscure and is limited only to valid users within your
squirrelmail application (e.g. the person has to have a valid login in
order to exploit this vulnerability). The problem is fixed in the
current CVS and will be out with Squirrelmail-1.2.6. Here is the fix,
should you want to apply it, or just wait till the next release, since
this is not a high-risk vulnerability.

Regards,
Konstantin Riabitsev,
Squirrelmail Bugmaster

hotfix:

--- validate.php.orig   Sun Mar 31 16:15:52 2002
+++ validate.php        Fri Mar 29 00:28:05 2002
@@ -61,6 +61,15 @@
 * Include them down here instead of at the top so that all config
  * variables overwrite any passed in variables (for security).
   */
   +
   +/**
   + * Reset the $theme() array in case a value was passed via a cookie.
   + * This is until theming is rewritten.
   + */
   +global $theme;
   +unset($theme);
   +$theme=array();
   +
    require_once('../config/config.php');
     require_once('../src/load_prefs.php');
      require_once('../functions/page_header.php');
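Review bot: the `unset($theme);` following `global $theme;` undermines the reset whenever validate.php is included from inside a function: in PHP, unset() on a variable imported with `global` only destroys the local reference, so the subsequent `$theme=array();` creates a fresh local variable and the cookie-supplied global $theme survives untouched into config.php, load_prefs.php and page_header.php. Dropping the unset and keeping just `global $theme;` followed by `$theme = array();` resets the global in both file scope and function scope. Minor: the doc comment says "the $theme() array", which reads like a function call; "the $theme array" is what is meant.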
------------------------------------------------------------------------------

Regards
-- 
DarioB (on irc dariondol) 
S.A. Labinfo - Faculty of Economics - Universita' degli Studi BO
ERLUG Secretary
http://erlug.linux.it

