Results 1 to 2 of 2

Thread: PHPMailer < 5.2.20

  1. #1
    Join Date
    Mar 2006
    Location
    Netherlands
    Posts
    226

    PHPMailer < 5.2.20

    A(n) (couple of) exploit(s) have been discovered in PHPmailer, which is used by many CMS/websites.

    Initial report which is patched: https://legalhackers.com/advisories/...0033-Vuln.html
    New CVE since initial patch is still vulnerable: https://legalhackers.com/advisories/...ch-Bypass.html
    Explaination for dummies: https://www.wordfence.com/blog/2016/...vulnerability/

    I am not sure how vulnerable a DirectAdmin system is, as Sendmail is being linked to Exim. Are we safe?*
    *ofcourse PHPmailer must be updated, but it will be the difference in calling all affected website owners or sending them an email and give them a week to update.

  2. #2
    Join Date
    Apr 2016
    Posts
    15
    According the exploit description:
    An attacker could pass the -X parameter of sendmail to write out a log file with arbitrary PHP code.
    Exim command line docs:
    -X <logfile>
    This option is interpreted by Sendmail to cause debug information to be sent to the named file. It is ignored by Exim.
    As far as i understand, this specific exploit (-X parameter) can not be abused on servers with Exim.

    However, other parameters can/may be abused so a patch for PHPMailer is probably still necessary.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •