Bugtraq mailing list archives

Re: Squirrelmail Chpasswod bof

From: Jonathan Angliss <jon () squirrelmail org>
Date: Sat, 17 Apr 2004 16:31:33 -0500

Hello Matias,
On Saturday, April 17, 2004, Matias Neiff wrote...

There is a boffer over flow in the chpasswd binary, distributed with the
plugin. This allow to local's user to execute commands as a root.


It should be noted that while this is a plugin for SquirrelMail, it is
not distributed as part of the SquirrelMail installation, and
generally not supported by the SquirrelMail development team. However,
due to the issue, we are looking into correcting this problem.

-- 
Jonathan Angliss
(jon () squirrelmail org)

Current thread:

Squirrelmail Chpasswod bof Matias Neiff (Apr 17)
- Re: Squirrelmail Chpasswod bof Jonathan Angliss (Apr 19)
- Re: Squirrelmail Chpasswod bof martin f krafft (Apr 19)
- <Possible follow-ups>
- Re: Squirrelmail Chpasswod bof Peter Geissler (Apr 19)
- Re: Squirrelmail Chpasswod bof rip (Apr 19)
- Re: Squirrelmail Chpasswod bof p dont think (Apr 27)