SMTP Exim with Dovecot LDA sender_address Parameter Remote Command Execution -2 (OSVDB-93004)
Rule ID
1058289
Severity
High
Description
A remote command execution vulnerability exist in Exim MTA that uses the Dovecot as the Local Delivery Agent (LDA). The vulnerability is due to the dangerous configuration in Dovecot suggesting the "use_shell" option.
Impact
Remote code execution
Recommendation
Update vendor's patch.
IPS Category
Exploits
IPS Anomaly Group
N/A
IPS Rule Default Action
Deny
Reference
Keyword
N/A
Created At
2013/11/21
Updated At
2023/01/06
This website uses cookies to ensure you get the best experience on our website.
Learn more