Risk | High |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2017-7692 |
CWE-ID | CWE-77 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software Subscribe |
Gentoo Linux Operating systems & Components / Operating system |
Vendor | Gentoo |
Security Bulletin
This security bulletin contains one high risk vulnerability.
EUVDB-ID: #VU6596
Risk: High
CVSSv3.1: 8.9 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2017-7692
CWE-ID:
CWE-77 - Command injection
Exploit availability: Yes
DescriptionThe vulnerability allows a remote authenticated attacker to execute arbitrary commands on a targeted system.
The weakness exists due to insufficient escaping of user-supplied input by the escapeshellcmd() when configured with Sendmail as the email delivery transport method. A remote attacker can upload a specially crafted sendmail.cf file as an email attachment that is mishandled in a popen call, trigger vulnerability in the Deliver_SendMail.class.php with the initStream function and execute arbitrary shell commands to conduct further attacks.
Successful exploitation of the vulnerability may result in full system compromise.
Update the affected packages.
mail-client/squirrelmail to version:
Gentoo Linux: All versions
External linkshttp://security.gentoo.org/glsa/201709-13
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.