Confirm E-Mail Header Remote Command Execution Vulnerability

The Confirm Procmail script is prone to a remote command execution vulnerability. This issue is exposed when the script handles malicious input such as shell metacharacters in e-mail headers.

Successful exploitation will allow for execution of shell commands in the context of the user invoking the script.


 

Privacy Statement
Copyright 2010, SecurityFocus