CVE-2007-4560

Published: Aug 28, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to execute arbitrary commands via shell metacharacters that are used in a certain popen call, involving the "recipient field of sendmail."

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

GLSA-200709-14

vendor-advisory

x_refsource_GENTOO

3063

third-party-advisory

x_refsource_SREASON

26822

third-party-advisory

x_refsource_SECUNIA

26916

third-party-advisory

x_refsource_SECUNIA

20070824 n.runs-SA-2007.025 - ClamAV Remote Code Execution Advisory

mailing-list

x_refsource_BUGTRAQ

26683

third-party-advisory

x_refsource_SECUNIA

http://www.nruns.com/security_advisory_clamav_remote_code_exection.php

x_refsource_MISC

FEDORA-2007-2050

vendor-advisory

x_refsource_FEDORA

DSA-1366

vendor-advisory

x_refsource_DEBIAN

ADV-2008-0924

vdb-entry

x_refsource_VUPEN

2007-0026

vendor-advisory

x_refsource_TRUSTIX

29420

third-party-advisory

x_refsource_SECUNIA

SUSE-SR:2007:018

vendor-advisory

x_refsource_SUSE

APPLE-SA-2008-03-18

vendor-advisory

x_refsource_APPLE

26751

third-party-advisory

x_refsource_SECUNIA

1018610

vdb-entry

x_refsource_SECTRACK

26654

third-party-advisory

x_refsource_SECUNIA

http://docs.info.apple.com/article.html?artnum=307562

x_refsource_CONFIRM

MDKSA-2007:172

vendor-advisory

x_refsource_MANDRIVA

26674

third-party-advisory

x_refsource_SECUNIA

25439

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-4560

Description

Affected Products

References