CVE-2007-4560
clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."
Affected products
n/a · n/a
Public PoCs found — 5
github: github.com/Strikoder-Premium/sendmail-clamav-exploit-CVE-2007-4560 ★ 4
github: github.com/0x1sac/ClamAV-Milter-Sendmail-0.91.2-Remote-Code-Execution ★ 0
exploitdb: www.exploit-db.com/exploits/16924 (unverified)
exploitdb: www.exploit-db.com/exploits/9913 (unverified)
exploitdb: www.exploit-db.com/exploits/4761 (unverified)
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://docs.info.apple.com/article.html?artnum=307562
http://lists.apple.com/archives/security-announce/2008/Mar/msg00001.html
http://secunia.com/advisories/26654
http://secunia.com/advisories/26674
http://secunia.com/advisories/26683
http://secunia.com/advisories/26751
http://secunia.com/advisories/26822
http://secunia.com/advisories/26916
http://secunia.com/advisories/29420
http://security.gentoo.org/glsa/glsa-200709-14.xml
http://securityreason.com/securityalert/3063
https://www.redhat.com/archives/fedora-package-announce/2007-September/msg00104.html