*** This bug is a security vulnerability *** Public security bug reported:
Binary package hint: squirrelmail

Description from http://squirrelmail.org/security/issue/2010-06-21

A vulnerability was reported in the SquirrelMail Mail Fetch plugin, wherein (when the plugin is activated by the administrator) a user is allowed to specify (without restriction) any port number for their external POP account settings. While the intention is to allow users to access POP3 servers using non-standard ports, this also allows malicious users to effectively port-scan any server through their SquirrelMail service (especially note that when a SquirrelMail server resides on a network behind a firewall, it may allow the user to explore the network topography (DNS scan) and services available (port scan) on the inside of (behind) that firewall).

As this vulnerability is only exploitable post-authentication, and better more specific port scanning tools are freely available, we consider this vulnerability to be of very low severity. It has been fixed by restricting the allowable POP port numbers (with an administrator configuration override available).
** Affects: squirrelmail (Ubuntu)
   Importance: Undecided
   Status: In Progress

** Affects: squirrelmail (Ubuntu Lucid)
   Importance: Undecided
   Status: In Progress

** Affects: squirrelmail (Ubuntu Maverick)
   Importance: Undecided
   Status: In Progress

** Affects: squirrelmail (Ubuntu Hardy)
   Importance: Undecided
   Status: In Progress

** Affects: squirrelmail (Ubuntu Jaunty)
   Importance: Undecided
   Status: In Progress

** Affects: squirrelmail (Ubuntu Karmic)
   Importance: Undecided
   Status: In Progress

** Visibility changed to: Public

** Changed in: squirrelmail (Ubuntu)
   Status: New => In Progress

** Also affects: squirrelmail (Ubuntu Hardy)
   Importance: Undecided
   Status: New

** Also affects: squirrelmail (Ubuntu Jaunty)
   Importance: Undecided
   Status: New

** Also affects: squirrelmail (Ubuntu Karmic)
   Importance: Undecided
   Status: New

** Also affects: squirrelmail (Ubuntu Lucid)
   Importance: Undecided
   Status: New

** Also affects: squirrelmail (Ubuntu Maverick)
   Importance: Undecided
   Status: In Progress

** Changed in: squirrelmail (Ubuntu Lucid)
   Status: New => In Progress

** Changed in: squirrelmail (Ubuntu Jaunty)
   Status: New => In Progress

** Changed in: squirrelmail (Ubuntu Hardy)
   Status: New => In Progress

** Changed in: squirrelmail (Ubuntu Karmic)
   Status: New => In Progress

-- 
CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan
https://bugs.launchpad.net/bugs/598077
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
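As an added illustration of the mitigation the advisory describes (restricting user-selectable POP ports, with an administrator override), the following hypothetical Python check is not SquirrelMail's own code; the function names, the default allowlist of 110 and 995, and the sample account settings are assumptions made for the example.

```python
# Hypothetical port-restriction check in the spirit of the SquirrelMail fix
# (added example, not the plugin's own code): user-supplied Mail Fetch
# settings may only name standard POP3 ports unless an administrator has
# extended the allowlist, and even that override is bounded to valid ports.

DEFAULT_POP_PORTS = frozenset({110, 995})  # POP3, POP3 over TLS (assumed defaults)

class PortNotAllowed(ValueError):
    """A user-supplied port is outside the configured allowlist."""

def admin_allowed_ports(extra_ports=()):
    """Defaults plus administrator overrides; overrides must be valid TCP ports."""
    allowed = set(DEFAULT_POP_PORTS)
    for p in extra_ports:
        if not isinstance(p, int) or not 1 <= p <= 65535:
            raise ValueError(f"invalid administrator port override: {p!r}")
        allowed.add(p)
    return frozenset(allowed)

def validate_pop_port(user_value, allowed=DEFAULT_POP_PORTS):
    """Parse a form field (int or decimal string); return the port only if allowed."""
    text = str(user_value).strip()
    if not (text.isascii() and text.isdigit()):
        raise PortNotAllowed(f"port must be a positive integer, got {user_value!r}")
    port = int(text)
    if not 1 <= port <= 65535:
        raise PortNotAllowed(f"port {port} is outside the TCP port range")
    # Reject rather than clamp or default: this is what stops the fetch
    # feature from being used to probe arbitrary ports behind the firewall.
    if port not in allowed:
        raise PortNotAllowed(f"port {port} is not an allowed POP3 port")
    return port

def check_fetch_settings(settings, allowed=DEFAULT_POP_PORTS):
    """Validate every saved Mail Fetch account; return (accepted, rejected)."""
    accepted, rejected = [], []
    for acct in settings:
        try:
            accepted.append((acct["server"], validate_pop_port(acct["port"], allowed)))
        except PortNotAllowed as exc:
            rejected.append((acct["server"], str(exc)))
    return accepted, rejected

# Constructed sample of saved accounts, as a web form might submit them.
SAMPLE_SETTINGS = [
    {"server": "pop.example.org", "port": " 110 "},
    {"server": "10.0.0.5", "port": "22"},      # not a POP3 port: rejected
    {"server": "10.0.0.5", "port": "70000"},   # out of range: rejected
    {"server": "pop.example.org", "port": 995},
]
```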