[exim-dev] [Bug 2118] sendmail -be and ${run} macro security…

Author: admin
Date:
To: exim-dev
Subject: [exim-dev] [Bug 2118] sendmail -be and ${run} macro security problem
https://bugs.exim.org/show_bug.cgi?id=2118

--- Comment #5 from Heiko Schlittermann <hs@???> ---
(In reply to Sandor Takacs from comment #0)
> I found this WordPress + Exim remote code execution exploit on exploit-db
> site. It uses "exim -be '${run...}'" to place payload on the remote system.
>
> https://exploitbox.io/vuln/WordPress-Exploit-4-6-RCE-CODE-EXEC-CVE-2016-
> 10033.html

Its remote character is a WordPress problem. A remote attacker can run
commands on the WordPress site. Exim is one of the commands, but not the only
one. Probably an attacker can even run "cat", "touch" and so on. Where is the
vulnerability? Are "cat", "touch", and so on, not vulnerable? Or is WordPress
vulnerable?

--
You are receiving this mail because:
You are on the CC list for the bug.
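As an added detection example (not part of the bug report and not Exim's own code): a small classifier over constructed process-execution events that flags the `exim`/`sendmail -be '${run...}'` invocation the report quotes, and, following the point above that Exim is only one of the commands reachable through the web application, any other process spawned by the web server user. The user names, events and the allowlisting of ordinary message submission are assumptions.

```python
import re
import shlex

# Constructed sample events (user, logged command line); not taken from the bug.
SAMPLE_EVENTS = [
    ("www-data", "/usr/sbin/exim -bm -oi -t"),                        # normal submission
    ("www-data", "/usr/sbin/exim -be ${run{/usr/bin/id}}"),           # pattern from the bug
    ("root", "/usr/sbin/exim -be ${lookup{localhost}lsearch{/etc/hosts}}"),
    ("www-data", "/usr/bin/touch /tmp/marker"),                       # web user runs something else
]

# Assumed set of accounts the web application runs as.
WEB_USERS = {"www-data", "apache", "nginx"}
# Matches the ${run{...}} expansion item in the raw command line.
RUN_RE = re.compile(r"\$\{run\s*\{")


def split_argv(cmdline):
    """Tokenise like a shell; fall back to whitespace on unbalanced quotes."""
    try:
        return shlex.split(cmdline)
    except ValueError:
        return cmdline.split()


def classify(user, cmdline):
    """Return an alert reason for one event, or None if it looks benign."""
    argv = split_argv(cmdline)
    prog = argv[0].rsplit("/", 1)[-1] if argv else ""
    if prog.startswith("exim") or prog == "sendmail":
        # -be puts Exim into string-expansion test mode; ${run{...}} then
        # executes the embedded command, which is what the report describes.
        if "-be" in argv and RUN_RE.search(cmdline):
            return "exim-be-run-expansion"
        return None  # assumed benign: mail submission via -bm/-t/-oi etc.
    if user in WEB_USERS:
        # The real entry point is the web application spawning processes at all.
        return "unexpected-process-from-web-user"
    return None


def find_suspicious(events):
    """Return (user, cmdline, reason) for every event that warrants an alert."""
    hits = []
    for user, cmdline in events:
        reason = classify(user, cmdline)
        if reason:
            hits.append((user, cmdline, reason))
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_EVENTS):
        print(hit)
```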