Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 27 Apr 2017 01:48:32 -0300
From: Dawid Golunski <dawid@...alhackers.com>
To: oss-security@...ts.openwall.com
Subject: Re: SquirrelMail <= 1.4.23 Remote Code Execution (CVE-2017-7692)

In case anyone needs the patched release, it looks like the patch got
included at last in version:
squirrelmail-20170427_0200-SVN


Regards,
Dawid Golunski
https://legalhackers.com  |  https://ExploitBox.io
t: @dawid_golunski


On Mon, Apr 24, 2017 at 6:14 PM, Dawid Golunski <dawid@...alhackers.com> wrote:
> SquirrelMail <= 1.4.23 Remote Code Execution (CVE-2017-7692)
>
> Desc.:
> SquirrelMail is affected by a critical Remote Code Execution vulnerability
> which stems from insufficient escaping of user-supplied data when
> SquirrelMail has been configured with Sendmail as the main transport.
> An authenticated attacker may be able to exploit the vulnerability
> to execute arbitrary commands on the target and compromise the remote
> system.
>
> Discovered by:
> Dawid Golunski (https://legalhackers.com : https://ExploitBox.io)
> , as well as Filippo Cavallarin (see attached advisory for details)
>
> Official solution:
> Vendor seems to have released a new version of 1.4.23 on
> squirrelmail-20170424_0200-SVN.stable.tar.gz
> which still seems to be vulnerable hence a new subject/thread.
>
> The exploit from my advisory was also confirmed to work on Ubuntu
> package: '1.4.23~svn20120406-2ubuntu1.16.04.1'.
>
> Hence the updated version in the subject/advisory title.
>
> Full advisory URL:
>
> https://legalhackers.com/advisories/SquirrelMail-Exploit-Remote-Code-Exec-CVE-2017-7692-Vuln.html
>
>
>
> --
> Regards,
> Dawid Golunski
> https://legalhackers.com
> https://ExploitBox.io
> t: @dawid_golunski

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ