bi an.org/poo l/updates/ main/c/cla mav/clamav -dbg_0.90. bi an.org/poo l/updates/ main/c/cla mav/clamav -daemon_0. bi an.org/poo l/updates/ main/c/cla mav/libcla mav2_0.90. bi an.org/poo l/updates/ main/c/cla mav/libcla mav-dev_0. bi an.org/poo l/updates/ main/c/cla mav/clamav -milter_0. bi an.org/poo l/updates/ main/c/cla mav/clamav -freshclam _0.90.1-3e tch7_amd64. bi an.org/poo l/updates/ main/c/cla mav/clamav _0.90.1-3e tch7_amd64. Solutions for this threat ClamAV: version 0.91.2. An attacker with a beginner ability can exploit this computer weakness bulletin. The trust level is of type confirmed by the editor, with an origin of document.Ī proof of concept or an attack tool is available, so your teams have to process this alert. Our Vigilance Vulnerability Alerts team determined that the severity of this weakness announce is important.
#BLACKHOLE DEVNULL FACEBOOK EMAIL SOFTWARE#
This computer threat alert impacts software or systems such as ClamAV, Debian, Mandriva Linux, openSUSE, SLES. This vulnerability therefore permits an attacker to execute shell commands with root privileges.įull bulletin, software filtering, emails, fixes. An attacker can for example use following order to execute the command between backticks characters: However, special characters contained in the destination email address are not filtered before calling popen() to run the shell command. Sendmail -bv command is run with root privileges via a popen() call:
This options calls sendmail in verify mode: The "-black-hole-mode" option of clamav-milter permits to check if destination email address is valid (if it is not redirected to /dev/null).
The clamav-milter program is used as a link between ClamAV daemon and Sendmail. Vulnerable products: ClamAV, Debian, Mandriva Linux, openSUSE, SLES. When clamav-milter is configured in black-hole-mode, an attacker can use a malicious address in order to execute a command. Vulnerability of ClamAV: command execution in black-hole-mode Synthesis of the vulnerability
0 kommentar(er)
