CVE-2005-1924: CVE-2005-1924

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2005-1924

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The G/PGP (GPG) Plugin 2.1 and earlier for Squirrelmail allow remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the fpr parameter to the deleteKey function in gpg_keyring.php, as called by (a) import_key_file.php, (b) import_key_text.php, and (c) keyring_main.php; and (2) the keyserver parameter to the gpg_recv_key function in gpg_key_functions.php, as called by gpg_options.php. NOTE: this issue may overlap CVE-2007-3636.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

SquirrelMail G/PGP加密插件多个远程命令执行漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

SquirrelMail是一个多功能的用PHP4实现的Webmail程序，可运行于Linux/Unix类操作系统下。 SquirrelMail的实现上存在多个输入验证漏洞，远程攻击者可能利用这些漏洞在服务器上执行任意命令。SquirrelMail中的G/PGP加密插件没有正确地过滤所包含的某些文件，gpg_help.php和gpg_help_base.php文件中可能包含有通过""help"" HTTP GET请求参数所提供的本地文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2005-1924

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2005-1924

Please Login to view more intelligence information

https://www.exploit-db.com/exploits/4173exploitx_refsource_EXPLOIT-DB
http://osvdb.org/37924vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/26035third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/26424third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/24874vdb-entryx_refsource_BID
http://osvdb.org/37923vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2007/2513vdb-entryx_refsource_VUPEN
http://security.gentoo.org/glsa/glsa-200708-08.xmlvendor-advisoryx_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilities/35364vdb-entryx_refsource_XF
https://exchange.xforce.ibmcloud.com/vulnerabilities/35355vdb-entryx_refsource_XF
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=329third-party-advisoryx_refsource_IDEFENSE
http://www.attrition.org/pipermail/vim/2007-July/001710.htmlmailing-listx_refsource_VIM
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=331third-party-advisoryx_refsource_IDEFENSE
http://www.securityfocus.com/archive/1/473370/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2005-1924

New Vulnerabilities

Product: n/a

Vendor: n/a

V. Comments for CVE-2005-1924

No comments yet

Support Us — Your donation helps us keep running

I. Basic Information for CVE-2005-1924

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2005-1924

III. Intelligence Information for CVE-2005-1924

New Vulnerabilities

V. Comments for CVE-2005-1924

Leave a comment