|
|
CVE Reference: CVE-2006-1251 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-1251 |
|
|
Description: Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/25286 SAID Secunia Advisory: SA19225 MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=345071 CONFIRM http://marc.merlins.org/linux/exim/files/sa-exim-cvs/Changelog.html BID 17110 |
|
| Return to the previous page. |
