[VIM] SquirrelMail GPG Plugin Vulnerabilities

security curmudgeon jericho at attrition.org
Sun Dec 2 04:38:05 UTC 2007

: I'm trying to make sense of the spate of recent vulnerabilities 
: associated with the GPG Plugin for SquirrelMail.
: [concise summary of mail list traffic]
: So, how are you VDB folks sorting all this out? I've noticed so far that 
: Bugtraq 24782 maps to WabiSabiLabi's advisory (although oddly it claims 
: the issue has now been resolved with version 2.1 of the plugin) and 
: 24828 to Esser's posting.
: Am I getting all this straight?

Looks like it. I just now caught up on mail and read through these and 
decided I don't have time to sort them vs changelogs. It's discouraging 
to see so many researchers, many reliable when they do formal 
vulnerability disclosure, dispense information with no real details or 

More information about the VIM mailing list