
OMG - unsanitized shell command. Thanks to Niels Teusink. (CVE-2009-1579)

pdontthink 16 years ago
commit eda7b9b157
2 changed files with 3 additions and 1 deletion
  1. doc/ChangeLog (+2 -0)
  2. functions/imap_general.php (+1 -1)

+ 2 - 0
doc/ChangeLog

@@ -301,6 +301,8 @@ Version 1.5.2 - SVN
   - Fixed the lack of sanitizing of contrib/decrypt_headers.php input;
     also includes general cleanup of that page (Thanks to Niels Teusink).
     [also CVE-2009-1578]
+  - Fixed unsanitized shell command in example IMAP username mapping
+    function (map_yp_alias) (Thanks to Niels Teusink). [CVE-2009-1579]
 
 Version 1.5.1 (branched on 2006-02-12)
 --------------------------------------

+ 1 - 1
functions/imap_general.php

@@ -1436,6 +1436,6 @@ function sqimap_get_user_server ($imap_server, $username) {
  * @since 1.3.0
  */
 function map_yp_alias($username) {
-   $yp = `ypmatch $username aliases`;
+   $yp = `ypmatch ' . escapeshellarg($username) . ' aliases`;
    return chop(substr($yp, strlen($username)+1));
 }
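Review bot: the added line in this hunk does not actually escape the argument. Inside PHP's backtick (shell-execution) operator the contents are parsed like a double-quoted string: $username is interpolated, but the surrounding ' . escapeshellarg( ... ) . ' is literal text, not string concatenation, so escapeshellarg() is never called. The command handed to the shell is literally ypmatch ' . escapeshellarg(<raw username>) . ' aliases, with the unescaped username placed inside shell single quotes, which does not neutralise a single quote in the input. Do the escaping before building the command, e.g. $safe_username = escapeshellarg($username); followed by $yp = `ypmatch $safe_username aliases`; (or build the string outside the backtick operator with shell_exec('ypmatch ' . escapeshellarg($username) . ' aliases')). The ChangeLog entry in the first hunk describes this as fixed, so it should only land together with the corrected line.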