vulnerability in phpmailer

Date 2007/6/14 12:37:52 | Topic: Security

A vulnerability is reported in PHPMailer, which can be exploited by malicious people to compromise a vulnerable system if Sendmail method is enabled.

Although the issue is not critical in XOOPS environment, we would suggest to switch to other methods than Sendmail, or to download quick fixes:
fix for XOOPS 2.0*
fix for XOOPS 2.2*

Note: official response and solutions are still being waited from phpmailer development group, and will be released in XOOPS 2.017 and XOOPS 2.25

Thank GIJOE, irmtfan, vaughan etc for reporting and solutions.

This article comes from XOOPS Web Application System

The URL for this story is: