CVE-2010-1132

SpamAssassin Milter Plugin <0.3.1 - RCE

Title source: llm

Description

The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the expand option, allows remote attackers to execute arbitrary system commands via shell metacharacters in the RCPT TO field of an email message.

Exploits (1)

exploitdb WORKING POC VERIFIED

by kingcope · textremotemultiple

https://www.exploit-db.com/exploits/11662

View Code ZIP pw:eip

References (19)

Core 19

Core References

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2010/0559

Exploit mailing-list x_refsource_fulldisc

http://archives.neohapsis.com/archives/fulldisclosure/2010-03/0139.html

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2010/0683

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/39265

Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2010/0837

Exploit vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/38578

Issue Tracking x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=572117

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2010/dsa-2021

Various Sources x_refsource_confirm

https://savannah.nongnu.org/bugs/?29136

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/11662

Issue Tracking x_refsource_confirm

http://bugs.debian.org/573228

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038535.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1023691

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/62809

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/56732

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/38956

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/38840

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038777.html

Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora

http://lists.fedoraproject.org/pipermail/package-announce/2010-April/038572.html

Scores

EPSS 0.2032

EPSS Percentile 95.6%

Details

CWE

CWE-78

Status published

Products (1)

georg_greve/spamassassin_milter_plugin 0.3.1

Published Mar 27, 2010

Tracked Since Feb 18, 2026