Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 29 Dec 2016 01:04:52 -0200
From: Dawid Golunski <>
Subject: Re: PHPMailer < 5.2.20 Remote Code Execution PoC 0day
 Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch)

On Wed, Dec 28, 2016 at 2:58 PM, Solar Designer <> wrote:
> On Wed, Dec 28, 2016 at 03:03:39AM -0200, Dawid Golunski wrote:
>> This was reported responsibly to the vendor & assigned a CVEID on the
>> 26th of December.
>> The vendor has been working on a new patch which would fix the problem but
>> not break the RFC too badly. The patch should be published very soon.
>> I'm releasing this as a 0day without the new patch available publicly
>> as a potential bypass was publicly discussed on oss-sec with Solar
>> Designer in the PHPMailer < 5.2.18 thread, so holding the advisory
>> further would serve no purpose.
> Yeah.  I did think for a moment before posting in here yesterday, but
> for a number of reasons chose to go ahead with the public discussion.
> Alexander

Hi Alexander,

No worries,  good that the patch came in quick so it wasn't too bad I guess.
Got a bunch of critical comments but most of them are pretty funny
anyway ;) E.g.


Good work on sensing trouble in that bit of code too though.

Dawid Golunski
t: @dawid_golunski

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ