The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictions and use SquirrelMail as a proxy to scan internal networks via a modified POP3 port number. 8 CVE-2009-2964: 352: CSRF 2009-08-25: 2017-09-18
Can I use the SquirrelMail authentication on other web pages not part of SquirrelMail? With Apache you can use mod_auth_imap. It authenticates the user via the IMAP server. Without mod_auth_imap your web pages may try using cookies set by SquirrelMail. Or you need to integrate SquirrelMail authentication procedures in your pages. SquirrelMail / Re: [SM-USERS] Unknown user or password Hi all, I am having the "Unknown user or password incorrect." problem after a successful login. I could initially login, then after some clicks within squirrelmail, the scripts comes up with something saying "Not logged in", so after a re-login, everything will be ok, then "Not logged in" will come back to haunt. SquirrelMail - Webmail for Nuts! Allows users to specify a optional personalized login alias. Login Authentication - (60922 downloads) Details and downloads Original Author: Tyler Akins Last Release: 3.0 on May 30, 2012 Allows externally authenticated (using HTTP authentication or a single sign-on system) users to skip the SquirrelMail login page. Login Check - (11992 downloads)
SquirrelMail on Red Hat Uses Fixed Session ID Values
Squirrelmail 1.4.22 is affected by a Remote Code Execution Apr 25, 2017 Horde vs Roundcube vs SquirrelMail - Which cPanel Webmail
Login Authentication Plugin - SquirrelMail - Webmail for Nuts
Login Authentication Plugin - SquirrelMail - Webmail for Nuts Plugins - Login Authentication Category: Logging in This plugin tells SquirrelMail how to understand when users have been externally authenticated, in which case the SquirrelMail login page is unnecessary. Common uses of this plugin are for environments that employ HTTP authentication or have implemented single sign-on systems. SquirrelMail - Webmail for Nuts!