---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Debian update for squirrelmail SECUNIA ADVISORY ID: SA23504 VERIFY ADVISORY: http://secunia.com/advisories/23504/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux 3.1 http://secunia.com/product/5307/ Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ DESCRIPTION: Debian has issued an update for squirrelmail. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks. For more information: SA23195 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4-10.dsc Size/MD5 checksum: 680 cc443dbfaaf32fc0f157bc9dee46c937 http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4-10.diff.gz Size/MD5 checksum: 28247 5a19e089f41344b4a8a556ced2da3917 http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4.orig.tar.gz Size/MD5 checksum: 575871 f50548b6f4f24d28afb5e6048977f4da Architecture independent components: http://security.debian.org/pool/updates/main/s/squirrelmail/squirrelmail_1.4.4-10_all.deb Size/MD5 checksum: 571102 f5f9f495411c7bdc3455a1e3b0598352 -- Debian GNU/Linux unstable alias sid -- Fixed in version 2:1.4.9a-1. ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1241 OTHER REFERENCES: SA23195: http://secunia.com/advisories/23195/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------