ISS X-Force Database: sqwebmail-html-xss(22043): SqWebMail HTML cross-site scripting

SqWebMail HTML cross-site scripting

sqwebmail-html-xss (22043)

Medium Risk

Description:

SqWebMail is vulnerable to cross-site scripting. A remote attacker could send a specially-crafted URL containing embedded code which, once the link is clicked, would be executed in the victim's Web browser within the security context of the hosting site. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

Platforms Affected:

Canonical, Ubuntu 4.10
Canonical, Ubuntu 5.04
Debian, Debian Linux 3.0
Debian, Debian Linux 3.1
Inter7, SqWebMail 5.0.4

Remedy:

Upgrade to the latest version of SqWebMail (0.51.0 or later), available from the Courier Mail Server Download Web page. See References.

For Ubuntu Linux:
Refer to USN-201-1 for patch, upgrade, or suggested workaround information. See References.

For other distributions:
Contact your vendor for upgrade or patch information.

Consequences:

Gain Access

References:

CIAC Information Bulletin P-295, Courier at http://www.ciac.org/ciac/bulletins/p-295.shtml.
Courier Mail Server Download Web page, Courier Mail Server - latest releases at http://www.courier-mta.org/?download.php.
Full-Disclosure Mailing List: Mon Aug 29 2005 - 05:33:59 CDT, Secunia Research: SqWebMail HTML Emails Script Insertion Vulnerability at http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0978.html.
BID-14676: SqWebMail HTML Email IMG Tag Script Injection Vulnerability
CVE-2005-2769: Cross-site scripting (XSS) vulnerability in SqWebMail 5.0.4 and possibly other versions allows remote attackers to inject arbitrary web script or HTML via an HTML e-mail containing tags with strings that contain > or other special characters, which is not properly sanitized by SqWebMail.
DSA-793: courier -- missing input sanitising
SA16600: SqWebMail HTML Emails Script Insertion Vulnerability
USN-201-1: SqWebmail vulnerabilities

Reported:

Aug 29, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page