11
vaughan
Re: [Fixed] command injection of phpmailer ? is this really important?
  • 2007/6/14 17:55

  • vaughan

  • Friend of XOOPS

  • Posts: 680

  • Since: 2005/11/26


Line 393 in the SendmailSend function in class.phpmailer.php has the vulnerable code. If the Sender property is set by the initiating script it is possible to execute arbitrary commands.

The Sender property is most typically set in the host application by reading the value of the e-mail field or comment forms, which is where most attack vectors will be found.

The solution of course is to properly escape the input with the escapeshellarg() or escapeshellcmd() functions.

above taken from http://larholm.com/2007/06/11/phpmailer-0day-remote-execution/

maybe it isn't necessary to escape this->sendmail, i didn't write the solution i only passed the solution on.

but either way, it's more secure having it there is it not? (and it certainly doesn't do any harm)

12
macmend
Re: [Fixed] command injection of phpmailer ? is this really important?
  • 2008/11/24 16:08

  • macmend

  • Quite a regular

  • Posts: 285

  • Since: 2004/2/27


is this fixed in 2.3??
Free Mac Support

Ordinary Wisdom

apache server with php sshexec turned on
xoops version 2.0.18.1 & 2.3.1
php version 5.2.5
mysql version 5.0.45

Login

Who's Online

394 user(s) are online (235 user(s) are browsing Support Forums)


Members: 0


Guests: 394


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits