Public Date:

The MITRE CVE dictionary describes this issue as:

CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."

Find out more about CVE-2006-0377 from the MITRE CVE dictionary dictionary and NIST NVD.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 3 (squirrelmail) RHSA-2006:0283 2006-05-03
Red Hat Enterprise Linux version 4 (squirrelmail) RHSA-2006:0283 2006-05-03