Metric | Value |
---|---|
CVSS2 | 9.3 High |
Attack Vector | NETWORK |
Attack Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |
Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
AI Score | 7.4 High |
Confidence | Low |
EPSS | 0.188 Low |
Percentile | 96.3% |

The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the expand option, allows remote attackers to execute arbitrary system commands via shell metacharacters in the RCPT TO field of an email message.
CPE | Name | Operator | Version |
---|---|---|---|
georg_greve:spamassassin_milter_plugin | georg greve spamassassin milter plugin | eq | 0.3.1 |
archives.neohapsis.com/archives/fulldisclosure/2010-03/0139.html
bugs.debian.org/573228
lists.fedoraproject.org/pipermail/package-announce/2010-April/038535.html
lists.fedoraproject.org/pipermail/package-announce/2010-April/038572.html
lists.fedoraproject.org/pipermail/package-announce/2010-April/038777.html
osvdb.org/62809
secunia.com/advisories/38840
secunia.com/advisories/38956
secunia.com/advisories/39265
www.debian.org/security/2010/dsa-2021
www.exploit-db.com/exploits/11662
www.securityfocus.com/bid/38578
www.securitytracker.com/id?1023691
www.vupen.com/english/advisories/2010/0559
www.vupen.com/english/advisories/2010/0683
www.vupen.com/english/advisories/2010/0837
bugzilla.redhat.com/show_bug.cgi?id=572117
exchange.xforce.ibmcloud.com/vulnerabilities/56732
savannah.nongnu.org/bugs/?29136