Vigil@nce: SquirrelMail, cross-site request forgery
August 2009 by Vigil@nce
An attacker can execute commands on the web interface of
SquirrelMail, with privileges of the victim seeing an HTML
document.
Severity: 2/4
Consequences: client access/rights
Provenance: document
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 21/08/2009
IMPACTED PRODUCTS
– Fedora
– Unix - platform
DESCRIPTION OF THE VULNERABILITY
The SquirrelMail program provides access to a mailbox through a web
browser.
Web pages of the SquirrelMail web interface contain forms to change
preferences, delete emails or send emails. However, these forms do
not check that they were intentionally submitted by the authenticated user.
An attacker can create an HTML document containing an image whose URL
carries all the parameters of such a form. When the victim, who is
authenticated on the SquirrelMail web interface, views this document,
the browser loads the image and the form action is executed.
An attacker can thus execute commands on the web interface of
SquirrelMail, with privileges of the victim seeing an HTML
document.
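The following Python sketch is an added illustration, not code from Vigil@nce or from SquirrelMail: it models a "delete message" handler first in the unchecked form the advisory describes (any request carrying the right parameters is acted on, including one triggered by an image load) and then with the two defences that close the hole, refusing state changes over GET and requiring a token bound to the user's session. All names (Session, Request, handle_delete_unchecked, handle_delete_checked) are assumptions made for this example.

```python
import hmac
import secrets
from dataclasses import dataclass, field


@dataclass
class Session:
    """Server-side state for one authenticated user (constructed for this example)."""
    user: str
    mailbox: list = field(default_factory=list)
    csrf_token: str = ""


@dataclass
class Request:
    """Minimal model of an incoming HTTP request: method plus query/form parameters."""
    method: str
    params: dict


def issue_token(session):
    """Bind a fresh random token to the session; the server embeds it in every form it renders."""
    session.csrf_token = secrets.token_hex(16)
    return session.csrf_token


def apply_delete(session, uid):
    """The action itself: remove a message from the session's mailbox."""
    if uid in session.mailbox:
        session.mailbox.remove(uid)
        return "deleted"
    return "ignored"


def handle_delete_unchecked(session, request):
    """Vulnerable pattern from the advisory: whoever supplies the parameters gets the action run."""
    return apply_delete(session, request.params.get("uid"))


def handle_delete_checked(session, request):
    """Hardened handler: an image load is a GET, so state changes require POST, and the
    submitted token must match the session's token (constant-time compare)."""
    if request.method != "POST":
        return "rejected: state change via GET"
    token = request.params.get("csrf_token", "")
    if not session.csrf_token or not hmac.compare_digest(token, session.csrf_token):
        return "rejected: missing or invalid token"
    return apply_delete(session, request.params.get("uid"))


def demo():
    """Constructed scenario: a victim with two messages, one request produced by an image load
    in a third-party page, one produced by the genuine form carrying the rendered token."""
    session = Session(user="victim", mailbox=["1", "2"])
    issue_token(session)
    image_triggered = Request("GET", {"uid": "1"})
    genuine_form = Request("POST", {"uid": "2", "csrf_token": session.csrf_token})
    return (handle_delete_unchecked(session, image_triggered),
            handle_delete_checked(session, Request("GET", {"uid": "2"})),
            handle_delete_checked(session, Request("POST", {"uid": "2", "csrf_token": "wrong"})),
            handle_delete_checked(session, genuine_form),
            list(session.mailbox))
```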
CHARACTERISTICS
Identifiers: FEDORA-2009-8797, FEDORA-2009-8822, VIGILANCE-VUL-8964
http://vigilance.fr/vulnerability/SquirrelMail-cross-site-request-forgery-8964