 |
Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | ||
| CVE Kennung: | CVE-2007-4538 |
| Beschreibung: | email_in.pl in Bugzilla 2.23.4 through 3.0.0 allows remote attackers to execute arbitrary commands via the -f (From address) option to the Email::Send::Sendmail function, probably involving shell metacharacters. |
| Test Kennungen: | Nicht verfügbar |
| Querverweise: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-4538 BugTraq ID: 25425 http://www.securityfocus.com/bid/25425 Bugtraq: 20070823 Security Advisory for Bugzilla 3.0, 2.22.1, and 2.20.4 (Google Search) http://www.securityfocus.com/archive/1/477630/100/0/threaded http://security.gentoo.org/glsa/glsa-200709-18.xml https://bugzilla.mozilla.org/show_bug.cgi?id=386860 http://osvdb.org/37203 http://www.securitytracker.com/id?1018604 http://secunia.com/advisories/26584 http://secunia.com/advisories/26971 http://www.vupen.com/english/advisories/2007/2977 XForce ISS Database: bugzilla-sendmail-command-execution(36243) https://exchange.xforce.ibmcloud.com/vulnerabilities/36243 |