Security 10816 Published by

Thanks Vermyndax for this one:



Caught this over at www.squirrelmail.org - there's a buffer overflow in a plugin that sounds fairly important:

It has been uncovered that there is a buffer overflow vulnerability in the change_passwd plugin. Anybody currently using a version of this plugin should disable the plugin, and stay tuned to the news here. The plugin is not part of SquirrelMail, but an add-in developed by an external entity, and not usually supported by the development team.
Read more