|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
PHPMailer command execution
From: Thor Larholm (seclists
larholm.com)
Date: Mon Jun 11 2007 - 12:46:16 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
PHPMailer is a widely deployed utility class used in PHP application to
handle emails sent through sendmail, PHP mailto() or SMTP. It is used in
PHP applications such as WordPress, Mantis, WebCalendar, Group-Office
and Joomla. The last official release happened on July 11, 2005.
If you have configured PHPMailer to use sendmail it has a remote command
execution vulnerability due to a lack of input validation. sendmail is
queried through the popen function which is called with a string
constructed from non-escaped user input.
http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/
Cheers
Thor Larholm
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]