Showing 1 - 3 of 3

CVE-2016-10074

Status Candidate

Overview

The mail transport (aka Swift_Transport_MailTransport) in Swift Mailer before 5.4.5 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a "" (backslash double quote) in a crafted e-mail address in the (1) From, (2) ReturnPath, or (3) Sender header.

Related Files

Debian Security Advisory 3769-1: Posted Jan 23, 2017; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3769-1 - Dawid Golunski from LegalHackers discovered that PHP Swift Mailer, a mailing solution for PHP, did not correctly validate user input. This allowed a remote attacker to execute arbitrary code by passing specially formatted email addresses in specific email headers.; tags | advisory, remote, arbitrary, php; systems | linux, debian; advisories | CVE-2016-10074; MD5 | 35e5943384aadc42f6da685cc43be28c; Download | Favorite | Comments (0)

PHPMailer / Zend-mail / SwiftMailer Remote Code Execution: Posted Jan 3, 2017; Authored by Dawid Golunski; This proof of concept exploit aims to execute a reverse shell on the target in the context of the web server user via a vulnerable PHP email library.; tags | exploit, web, shell, php, proof of concept; advisories | CVE-2016-10033, CVE-2016-10034, CVE-2016-10045, CVE-2016-10074; MD5 | a0be91defae2564f4405c81fdeab38cd; Download | Favorite | Comments (0)

SwiftMailer Remote Code Execution: Posted Dec 29, 2016; Authored by Dawid Golunski; SwiftMailer versions prior to 5.4.5-DEV suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; advisories | CVE-2016-10074; MD5 | 867421c2ab76adf20394234a4a466e45; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Want To Donate?

Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Red Hat 71 files
Ubuntu 46 files
Debian 18 files
LiquidWorm 13 files
Google Security Research 10 files
Apple 9 files
Berk Dusunur 6 files
Slackware Security Team 6 files
Gentoo 6 files
lokihardt 5 files

File Archives

Systems

AIX (409)
Apple (1,563)
BSD (336)
Cisco (1,815)
Debian (5,552)
Fedora (1,683)
FreeBSD (1,196)
Gentoo (3,586)
HPUX (865)
iOS (176)
iPhone (103)
IRIX (219)
Juniper (66)
Linux (33,733)
Mac OS X (653)
Mandriva (3,105)
NetBSD (255)
OpenBSD (456)
RedHat (6,641)
Slackware (836)
Solaris (1,569)
SUSE (1,444)
Ubuntu (5,717)
UNIX (8,303)
UnixWare (172)
Windows (5,353)
Other