Dailydave mailing list archives
Re: SquirrelMail GPG Plugin vuln
From: "James Matthews" <nytrokiss () gmail com>
Date: Mon, 9 Jul 2007 15:41:02 -0700
And now the person that wanted to make money is losing it because of you people being so nosy! Sniff Sniff =)

On 7/9/07, Nicob <nicob () nicob net> wrote:
> On Monday 9 July 2007 at 08:46 -0500, Charles Miller wrote:
> > Also, the vulnerability Nicob pointed out was pre-auth (mine was
> > post-auth).
>
> Simply sending an email to a user using the PGP plugin was enough to
> compromise the server hosting SquirrelMail. That's nice, as the webmail
> URL doesn't have to be known. The server can even be unreachable from
> the Internet.
>
> That's imho more than pre-auth, as you can blindly send tons of mails to
> random addresses and compromise some servers.
>
> function gpg_check_sign_pgp_mime($message,$fullbodytext) {
> [...]
> //$messageSignedText = escapeshellarg($messageSignedText);
> $messageSignedText = ereg_replace("\"", "\\\"",$messageSignedText );
> [...]
> $command = "echo -n \"$messageSignedText\" | [blablabla]
>
> Nicob
> _______________________________________________
> Dailydave mailing list
> Dailydave () lists immunitysec com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
--
http://www.goldwatches.com/watches.asp?Brand=14
http://www.jewelerslounge.com
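The quoting problem in the excerpt Nicob quotes, shown beside a shell-free alternative. This is an added PHP example, not part of the original post and not the plugin's code: the function names are hypothetical, `cat` stands in for the elided "[blablabla]" stage of the pipeline, and the sample text is constructed.

```php
<?php
// Added example. Function names are hypothetical; `cat` stands in for the
// elided "[blablabla]" stage of the plugin's pipeline.

// "Before": the pattern in the quoted excerpt. Only '"' is escaped, then the
// text sits inside a double-quoted shell string, where the shell still
// performs $(...), backtick and $VAR expansion.
function pipe_text_before(string $text): string
{
    $escaped = str_replace('"', '\\"', $text); // the excerpt used ereg_replace
    return (string) shell_exec("echo -n \"$escaped\" | cat");
}

// "After": no shell at all. The command is an argv array (PHP >= 7.4) and the
// untrusted text travels on stdin, so it is never parsed as shell syntax.
function pipe_text_after(string $text): string
{
    $spec = [
        0 => ['pipe', 'r'],               // child's stdin
        1 => ['pipe', 'w'],               // child's stdout
        2 => ['file', '/dev/null', 'a'],  // discard stderr
    ];
    $proc = proc_open(['cat'], $spec, $pipes);
    if (!is_resource($proc)) {
        throw new RuntimeException('could not start child process');
    }
    // Write-then-read is fine for small bodies; interleave both ends
    // for input larger than the pipe buffers.
    fwrite($pipes[0], $text);
    fclose($pipes[0]);                    // EOF so the child can finish
    $out = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    if (proc_close($proc) !== 0) {
        throw new RuntimeException('child process exited with an error');
    }
    return (string) $out;
}

// Constructed sample body with a harmless command-substitution marker.
$sample = 'signed text $(echo EXPANDED_BY_SHELL) end';

var_dump(pipe_text_before($sample) === $sample); // was the text passed through unchanged?
var_dump(pipe_text_after($sample) === $sample);
```

If a shell command string cannot be avoided, the output of `escapeshellarg()` has to be concatenated into the command on its own; wrapping it in additional double quotes turns its single quotes into literal characters and leaves expansion active.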