CVE-2001-0889

Published: Jun 25, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

Exim 3.22 and earlier, in some configurations, does not properly verify the local part of an address when redirecting the address to a pipe, which could allow remote attackers to execute arbitrary commands via shell metacharacters.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

3728

vdb-entry

x_refsource_BID

exim-pipe-hostname-commands(7738)

vdb-entry

x_refsource_XF

DSA-097

vendor-advisory

x_refsource_DEBIAN

20011219 [[email protected]: [Exim] Potential security problem]

mailing-list

x_refsource_BUGTRAQ

VU#283723

third-party-advisory

x_refsource_CERT-VN

RHSA-2001:176

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2001-0889

Description

Affected Products

References