Date: Thu, 27 Apr 2017 01:48:32 -0300 From: Dawid Golunski <dawid@...alhackers.com> To: oss-security@...ts.openwall.com Subject: Re: SquirrelMail <= 1.4.23 Remote Code Execution (CVE-2017-7692) In case anyone needs the patched release, it looks like the patch got included at last in version: squirrelmail-20170427_0200-SVN Regards, Dawid Golunski https://legalhackers.com | https://ExploitBox.io t: @dawid_golunski On Mon, Apr 24, 2017 at 6:14 PM, Dawid Golunski <dawid@...alhackers.com> wrote: > SquirrelMail <= 1.4.23 Remote Code Execution (CVE-2017-7692) > > Desc.: > SquirrelMail is affected by a critical Remote Code Execution vulnerability > which stems from insufficient escaping of user-supplied data when > SquirrelMail has been configured with Sendmail as the main transport. > An authenticated attacker may be able to exploit the vulnerability > to execute arbitrary commands on the target and compromise the remote > system. > > Discovered by: > Dawid Golunski (https://legalhackers.com : https://ExploitBox.io) > , as well as Filippo Cavallarin (see attached advisory for details) > > Official solution: > Vendor seems to have released a new version of 1.4.23 on > squirrelmail-20170424_0200-SVN.stable.tar.gz > which still seems to be vulnerable hence a new subject/thread. > > The exploit from my advisory was also confirmed to work on Ubuntu > package: '1.4.23~svn20120406-2ubuntu1.16.04.1'. > > Hence the updated version in the subject/advisory title. > > Full advisory URL: > > https://legalhackers.com/advisories/SquirrelMail-Exploit-Remote-Code-Exec-CVE-2017-7692-Vuln.html > > > > -- > Regards, > Dawid Golunski > https://legalhackers.com > https://ExploitBox.io > t: @dawid_golunski
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ