##############################################################################
#
#  SquirrelMail compose.php Multiple Vulnerabilities
#
#  Copyright: OS2A and it's member companies
#
#  Date Written: 2006/08/19
#
#  $Revision: 1.1 $
#
#  $Log: os2a_squirrelmail_mult_vuln_601998.nasl,v $
#  Revision 1.1  2006/08/18 13:30:07  shraddha
#  To Production Issue #2890
#
#
#  Revision 1.1  2006/08/18 07:21:50  nrnandini
#  ------------------------------------------------------------------------
#  This program was written by OS2A and/or it's member companies and is
#  licensed under the GNU GPL license. Please see below for details. This
#  header contains information regarding licensing terms under the GPL, and
#  information regarding obtaining source code from the Author. Consequently,
#  pursuant to section 3(c) of the GPL, you must accompany the information
#  found in this header with any distribution you make of this Program.
#  ------------------------------------------------------------------------
##############################################################################

if(description)
{
 script_id(601998);
 script_bugtraq_id(19486);
 script_cve_id("CVE-2006-4019");
 script_copyright(english:"Copyright (C) 2006 OS2A");
 script_version("$Revision: 1.1 $");
 script_category(ACT_GATHER_INFO);
 script_family(english:"CGI abuses");
 script_name(english:"SquirrelMail compose.php Multiple Vulnerabilities");
 script_summary(english:"Check for vulnerable version of SquirrelMail");
 desc["english"] = "
 Overview : This host has SquirrelMail installed which is prone to data
 modification and information disclosure vulnerabilities.

 This flaw is due to an input validation error in the compose.php script,
 which could be exploited by attackers to overwrite certain variables and
 manipulate other users preferences and attachments.

 Successful exploitation requires user authentication.

 Impact : Successful exploitation can lead attackers to overwrite certain
 variables, manipulation of data and disclosure of information.

 Scope of impact is restricted to the application level.

 Affected Software : SquirrelMail version 1.4.7 and prior.

 Affected Platforms : Any system running the affected software.

 Solution : Upgrade to SquirrelMail version 1.4.8,
	    http://www.squirrelmail.org/download.php

 References : http://www.squirrelmail.org/security/issue/2006-08-11
              http://secunia.com/advisories/21354/
 
 CVSS Score :
	CVSS Base Score     : 3.1 (AV:R/AC:L/Au:R/C:P/I:P/A:N/B:I)
	CVSS Temporal Score : 2.3
 Risk factor : Medium";
 script_description(english:desc["english"]);
 script_dependencie("squirrelmail_detect.nasl");
 script_require_ports("Services/www", 80);
 exit(0);
}


 include("http_func.inc");

 port = get_http_port(default:80);
 if(!get_port_state(port)){
	exit(0);
 }

 squirrelList = get_kb_list(string("www/", port, "/squirrelmail"));
 if(squirrelList == NULL){
 	exit(0);
 }

 foreach item (squirrelList)
 {
	if(egrep(pattern:"^1\.4\.[0-7][^0-9]", string:item))
	{
      		security_warning(port);
		exit(0);
    	}
 }