Exim With Dovecot Misconfiguration Remote Command Execution Vulnerability
Gravité: : Critique
Date du conseil: 21 juillet 2015
Description
Dovecot, when configured with Exim as a local delivery agent, contains a flaw that is due to the program failing to properly sanitize input in the 'sender_address' parameter, which is supplied via a 'MAIL FROM' header. This may allow a remote attacker to execute arbitrary commands.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1005495