SMTP Exim with Dovecot LDA sender_address Parameter Remote Command Execution -2 (OSVDB-93004)

Rule ID

1058289

Severity

High

Description

A remote command execution vulnerability exist in Exim MTA that uses the Dovecot as the Local Delivery Agent (LDA). The vulnerability is due to the dangerous configuration in Dovecot suggesting the "use_shell" option.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Exploits

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

Reference

cve-2013-unknown

osvdb-93004

EDB-25297

msf

Keyword

N/A

Created At

2013/11/21

Updated At

2023/01/06

This website uses cookies to ensure you get the best experience on our website.

Learn more