[ViewVC] Annotation of: mports/trunk/mail/squirrelmail/distinfo

MD5 (squirrelmail/squirrelmail-1.4.18.tar.bz2) = 2df99afc1bc3b121296af65f52fbc5cc
SHA256 (squirrelmail/squirrelmail-1.4.18.tar.bz2) = be7a8370b7937bfe7ad3a584d3416d4895986181e3aac5227f52e14279b100a0
RMD160 (squirrelmail/squirrelmail-1.4.18.tar.bz2) = 292d0f4123a8e8db84d9ff766a440848f1684b4b
SIZE (squirrelmail/squirrelmail-1.4.18.tar.bz2) = 509216
MD5 (squirrelmail/all_locales-1.4.13-20071220.tar.bz2) = c6463312afcd602ae60fd8f388dfb8c2
SHA256 (squirrelmail/all_locales-1.4.13-20071220.tar.bz2) = 8fa5b82bb2e4448da80d2ccc42ec9874df8674691358736da6c7c3f7bbbae639
RMD160 (squirrelmail/all_locales-1.4.13-20071220.tar.bz2) = 67ebd2a4af9385de05b7ebe445296e63f1bf2aa8
SIZE (squirrelmail/all_locales-1.4.13-20071220.tar.bz2) = 3016605
Revision:	7906
Committed:	Sat May 16 15:31:38 2009 UTC (14 years, 11 months ago) by laffer1
File size:	731 byte(s)
Log Message:	functions/mime.php in SquirrelMail before 1.4.18 does not protect the application's content from Cascading Style Sheets (CSS) positioning in HTML e-mail messages, which allows remote attackers to spoof the user interface, and conduct cross-site scripting (XSS) and phishing attacks, via a crafted message. Session fixation vulnerability in SquirrelMail before 1.4.18 allows remote attackers to hijack web sessions via a crafted cookie The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.4.18 allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) certain encrypted strings in e-mail headers, related to contrib/decrypt_headers.php; (2) PHP_SELF; and (3) the query string (aka QUERY_STRING).
#	User	Rev	Content
1	laffer1	7906	MD5 (squirrelmail/squirrelmail-1.4.18.tar.bz2) = 2df99afc1bc3b121296af65f52fbc5cc
2			SHA256 (squirrelmail/squirrelmail-1.4.18.tar.bz2) = be7a8370b7937bfe7ad3a584d3416d4895986181e3aac5227f52e14279b100a0
3			RMD160 (squirrelmail/squirrelmail-1.4.18.tar.bz2) = 292d0f4123a8e8db84d9ff766a440848f1684b4b
4			SIZE (squirrelmail/squirrelmail-1.4.18.tar.bz2) = 509216
5	laffer1	4793	MD5 (squirrelmail/all_locales-1.4.13-20071220.tar.bz2) = c6463312afcd602ae60fd8f388dfb8c2
6			SHA256 (squirrelmail/all_locales-1.4.13-20071220.tar.bz2) = 8fa5b82bb2e4448da80d2ccc42ec9874df8674691358736da6c7c3f7bbbae639
7	laffer1	7906	RMD160 (squirrelmail/all_locales-1.4.13-20071220.tar.bz2) = 67ebd2a4af9385de05b7ebe445296e63f1bf2aa8
8	laffer1	4793	SIZE (squirrelmail/all_locales-1.4.13-20071220.tar.bz2) = 3016605