PERL-MailTools Remote Command Execution Vulnerability

A vulnerability has been reported for a module, included in the perl-MailTools package, which may allow remote attackers to execute arbitrary commands on the underlying shell with the privileges of the mailx process.

User-supplied input is passed to the mailx mailer, but is not sufficiently sanitized of shell metacharacters before being passed through the shell.


 

Privacy Statement
Copyright 2010, SecurityFocus