Site Network: | | Jongsma & Jongsma

Security for All

Sûnnet Beskerming is a company with a focus and a drive to provide Information Security services for all those who want to stay safe and secure in an online world.

Username: | Password: Contact us to request an account

SquirrelMail - Remote hacker automatic control

Version: 1.4.11 to 1.4.12
Technical Details:

The primary repository for SquirrelMail was poisoned, with versions 1.4.11 and 1.4.12 being altered to make them vulnerable to an arbitrary remote code execution condition.


It was recently discovered that the primary download repositories for SquirrelMail, the popular PHP-based webmail application, were compromised by unknown parties and two recent versions of the software were modified to introduce a critical vulnerability.

The introduced vulnerability would allow a remote attacker to run software of their choice on a victim's server that is running SquirrelMail.


Update to version 1.4.13 of SquirrelMail and ensure that the signatures match the packages.


Source: and


Not publicly available

External Tracking Data:

Not yet Identified

Social bookmark this page