Описание
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 4.2.1-1 |
| edgy | released | 4.2.1-1 |
| feisty | released | 4.2.1-1 |
| gutsy | released | 4.2.1-1 |
| hardy | released | 4.2.1-1 |
| intrepid | released | 4.2.1-1 |
| jaunty | released | 4.2.1-1 |
| karmic | released | 4.2.1-1 |
| upstream | released | 4.2.1 |
Показывать по
Ссылки на источники
EPSS
5 Medium
CVSS2
Связанные уязвимости
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 ...
Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.
EPSS
5 Medium
CVSS2