Vulnerability Details : CVE-2009-1381
Potential exploit
The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. NOTE: this issue exists because of an incomplete fix for CVE-2009-1579.
Products affected by CVE-2009-1381
- cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.2.6-rc1:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:squirrelmail:1.4.0-r1:*:*:*:*:*:*:*
- cpe:2.3:a:squirrelmail:imap_general.php:1.2.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-1381
0.59%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 67 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-1381
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
Vendor statements for CVE-2009-1381
-
Red Hat 2009-05-26Not vulnerable. This issue did not affect the versions of squirrelmail as shipped with Red Hat Enterprise Linux 3, 4, or 5. Updates for squirrelmail released via RHSA-2009:1066 (https://rhn.redhat.com/errata/RHSA-2009-1066.html) fixed original flaw CVE-2009-1579 without introducing CVE-2009-1381.
References for CVE-2009-1381
-
http://www.mandriva.com/security/advisories?name=MDVSA-2009:122
-
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01195.html
-
http://secunia.com/advisories/35140
Vendor Advisory
-
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01202.html
-
http://www.securityfocus.com/archive/1/503718/100/0/threaded
-
http://www.debian.org/security/2009/dsa-1802
Vendor Advisory
-
http://release.debian.org/proposed-updates/stable_diffs/squirrelmail_1.4.15-4+lenny2.debdiff
Exploit;Vendor Advisory
Jump to