----------------------------------------------------------------------

Hardcore Disassembler / Reverse Engineer Wanted!

Want to work with IDA and BinDiff?
Want to write PoC's and Exploits?

Your nationality is not important.
We will get you a work permit, find an apartment, and offer a
relocation compensation package.

http://secunia.com/hardcore_disassembler_and_reverse_engineer/

----------------------------------------------------------------------

TITLE:
Debian update for squirrelmail

SECUNIA ADVISORY ID:
SA21586

VERIFY ADVISORY:
http://secunia.com/advisories/21586/

CRITICAL:
Less critical

IMPACT:
Manipulation of data, Exposure of sensitive information

WHERE:
>From remote

DESCRIPTION:
Debian has issued an update for squirrelmail. This fixes a
vulnerability, which can be exploited by malicious users to disclose
or manipulate sensitive information.

For more information:
SA21354

SOLUTION:
Apply updated packages.

-- Debian GNU/Linux 3.1 alias sarge --

 Source archives:

http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4-9.dsc
Size/MD5 checksum: 678 de55f30e42570db82bec8aefe90093ac
http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4-9.diff.gz
Size/MD5 checksum: 25409 b9e9854e2702f34a7d5bede75942a391
http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4.orig.tar.gz
Size/MD5 checksum: 575871 f50548b6f4f24d28afb5e6048977f4da

Architecture independent components:

http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4-9_all.deb
Size/MD5 checksum: 569078 1510859cc583447180b761ae38895191

-- Debian GNU/Linux unstable alias sid --

Fixed in version 1.4.8-1.

ORIGINAL ADVISORY:
http://www.us.debian.org/security/2006/dsa-1154

OTHER REFERENCES:
SA21354:
http://secunia.com/advisories/21354/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Unsubscribe: Secunia Security Advisories
http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

----------------------------------------------------------------------