Launchpad CVE tracker

CVE 2010-1637

The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number.

Related bugs and status

CVE-2010-1637 (Candidate) is related to these bugs:

Bug #598077: CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan

		In	Importance	Status
598077	CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan	squirrelmail (Ubuntu)	Undecided	Fix Released
598077	CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan	squirrelmail (Ubuntu Hardy)	Low	Fix Released
598077	CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan	squirrelmail (Ubuntu Jaunty)	Low	Fix Released
598077	CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan	squirrelmail (Ubuntu Karmic)	Low	Fix Released
598077	CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan	squirrelmail (Ubuntu Lucid)	Low	Fix Released
598077	CVE-2010-1637 Mail fetch plugin can be used as proxy for port scan	squirrelmail (Ubuntu Maverick)	Undecided	Fix Released

Bug #612202: Please sync squirrelmail 2:1.4.21-1 (universe) from Debian unstable (main).

Summary				In	Importance	Status
	612202	Please sync squirrelmail 2:1.4.21-1 (universe) from Debian unstable (main).		squirrelmail (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2010-1637

References