Date: Tue, 27 Dec 2016 09:19:28 -0500 From: Michael Hess <mlhess@...ch.edu> To: oss-security@...ts.openwall.com Subject: Re: PHPMailer < 5.2.18 Remote Code Execution [updated advisory] [CVE-2016-10033] David, You might want to hold off on releasing this until wordpress has a patch out. https://core.trac.wordpress.org/ticket/37210 Michael On Tue, Dec 27, 2016 at 6:45 AM, Dawid Golunski <dawid@...alhackers.com> wrote: > PHPMailer < 5.2.18 Remote Code Execution > CVE-2016-10033 > > Attaching an updated version of the advisory with more details + simple PoC. > > Still incomplete. There will be more updates/exploits soon at: > > https://legalhackers.com/advisories/PHPMailer-Exploit-Remote-Code-Exec-CVE-2016-10033-Vuln.html > > https://twitter.com/dawid_golunski > > -- > Regards, > Dawid Golunski > https://legalhackers.com > t: @dawid_golunski
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ