Vigil@nce team describes computer vulnerabilities impacting your systems, and offers solutions to correct them.
vulnerability note CVE-2010-1132
SpamAssassin Milter: command execution
Synthesis of the vulnerability
When SpamAssassin Milter expands email addresses, a remote attacker can execute commands on the system.
Severity: 3/4.
Creation date: 08/03/2010.
Revision date: 16/03/2010.
Description of the vulnerability
The SpamAssassin Milter program can be installed with Sendmail/Postfix, in order to transfer emails to SpamAssassin.
The "-x" option of spamass-milter requests the expansion of email addresses, for example by reading the alias table. To check that an email address is valid and to obtain its list of aliases, SpamAssassin Milter runs the following command via popen():
sendmail -bv "email@server.dom"
However, the email address is not filtered before being inserted into this command line. An attacker can therefore supply an email address containing a shell metacharacter in order to execute a shell command.
When SpamAssassin Milter expands email addresses, a remote attacker can thus execute commands on the system.
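The following C program is an added illustration of the defect class described above and is not spamass-milter's own code. It shows the vulnerable pattern (an untrusted address pasted into a command string destined for popen(), built here as a string only, never executed), an allowlist check an integrator would want before passing an address to a mail transport command, and a fork/exec helper that hands the address to the program as a single argv entry so no shell ever parses it. The function names, the 254-character bound and the sample addresses are assumptions chosen for this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Vulnerable pattern from the bulletin: the address is interpolated into a
 * shell command line that would then be handed to popen().  Returned as a
 * string for inspection only; nothing is executed here. */
static int build_popen_command(const char *address, char *buf, size_t len)
{
    int n = snprintf(buf, len, "sendmail -bv \"%s\"", address);
    return (n >= 0 && (size_t)n < len) ? 0 : -1;
}

/* Allowlist check for an address that is about to become a command argument:
 * only letters, digits and a few unreserved address characters, a bounded
 * length (254 is an assumed limit), and no leading '-' so the value can never
 * be parsed as a sendmail option. */
static int address_is_safe(const char *address)
{
    size_t len = strlen(address);
    if (len == 0 || len > 254 || address[0] == '-')
        return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)address[i];
        /* c is never '\0' inside the string, so strchr's terminator match cannot fire */
        if (!(isalnum(c) || strchr(".-_+=@", c)))
            return 0;
    }
    return 1;
}

/* Run a program with an explicit argv and no shell in between.
 * Returns the child's exit status, 127 if exec failed, or -1 on fork/wait error. */
static int run_argv(char *const argv[])
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        execvp(argv[0], argv);
        _exit(127);            /* only reached if execvp failed */
    }
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Hardened equivalent of the expansion step: validate first, then exec
 * "sendmail -bv <address>" directly, with the address as one argument. */
static int expand_address(const char *address)
{
    if (!address_is_safe(address))
        return -1;             /* rejected before any process is started */
    char *argv[] = { "sendmail", "-bv", (char *)address, NULL };
    return run_argv(argv);
}

int main(void)
{
    char cmd[512];
    const char *benign = "user@example.com";          /* constructed sample */
    const char *odd    = "user;name@example.com";     /* constructed sample */

    build_popen_command(benign, cmd, sizeof cmd);
    printf("popen() would receive: %s\n", cmd);
    printf("%s accepted: %d\n", benign, address_is_safe(benign));
    printf("%s accepted: %d\n", odd, address_is_safe(odd));
    printf("expand_address(odd) -> %d (rejected, nothing executed)\n",
           expand_address(odd));
    return 0;
}
```

The essential change is not the character filter but the exec path: with execvp() the address is delivered to sendmail as one argv element, so quoting and separators in it have no meaning to any interpreter. The allowlist remains useful as defence in depth and, because it refuses a leading '-', it also closes the separate argument-injection case that a shell-free exec alone would not.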
Characteristics
Title: SpamAssassin Milter: command execution.
Keywords: Milter Postfix Sendmail SpamAssassin command execution.
Identifiers: BID-38578, CVE-2010-1132, DSA 2021-1, DSA 2021-2, FEDORA-2010-5096, FEDORA-2010-5112, FEDORA-2010-5176, VIGILANCE-VUL-9504.
This bulletin is published by the Vigil@nce team, which tracks computer vulnerabilities impacting systems and applications.