=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2009/VULN252
_____________________________________________________________________

DATE                      : 23/06/2009

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running SquirrelMail.

======================================================================
http://www.squirrelmail.org/
______________________________________________________________________


SECURITY: SquirrelMail Webserver Compromised
Published: June 16th, 2009 by Jonathan Angliss

At approximately 1700 GMT, on June 16, it was discovered that the
SquirrelMail webserver had been compromised. The project administrators
took immediate action to mitigate any futher compromises, locking all
accounts out, and resetting critical passwords.

At this time, the SquirrelMail project administrators have shut down
access to the original server, and put a temporary hold on access to
the plugins. It is believed that none of the plugins have been
compromised, but further investigations are still being executed.

The compromise of this server does not include a compromise of the
source control, which is hosted on a separate repository managed by
SourceForge.

Further details will be published as soon as the details have been
uncovered.


======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================