On 26.09.2014 at 02:59, Joseph Tam wrote:
> Since dovecot passes values via environment variables based on
> user input (e.g. username, password, mailbox?) to auxiliary
> executables (including possibly bash shell scripts), is dovecot
> vulnerable to this exploit?

Given this article about how e.g. PHP could be vulnerable via
popen/system:
http://lcamtuf.blogspot.de/2014/09/quick-notes-about-bash-bug-its-impact.html
I can only think about sieve now, when it constructs mail and pipes that
to sendmail_path, but I would be surprised if this is using user-input
(e.g. script) in environment variables.
I was skimming through Roundcube and didn't find something 'fishy' so
far, but that doesn't mean there is nothing ;-).
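
As an added illustration (not part of the original message and not Dovecot code): a C example of dropping environment entries whose value begins with `() {`, the prefix that unpatched bash parsed as a function definition, before a parent process hands its environment to a helper program. The helper names `env_entry_is_suspect` and `filter_env` and the sample values are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

/* Unpatched bash treated a variable whose value starts with this
 * prefix as an exported function definition and parsed it at startup. */
static const char FUNCDEF_PREFIX[] = "() {";

/* Hypothetical helper: 1 if a "NAME=value" entry should not be passed on.
 * Entries without '=' are treated as suspect too (fail closed). */
int env_entry_is_suspect(const char *entry)
{
    const char *eq = strchr(entry, '=');
    if (eq == NULL)
        return 1;
    return strncmp(eq + 1, FUNCDEF_PREFIX, sizeof(FUNCDEF_PREFIX) - 1) == 0;
}

/* Hypothetical helper: copy the entries of envp that are safe to hand to
 * a child into out (capacity out_cap pointers, including the final NULL).
 * Returns the number of entries dropped, or -1 if out is too small. */
int filter_env(char *const envp[], char *out[], size_t out_cap)
{
    size_t n = 0;
    int dropped = 0;
    if (out_cap == 0) return -1;
    for (size_t i = 0; envp[i] != NULL; i++) {
        if (env_entry_is_suspect(envp[i])) {
            dropped++;
            continue;
        }
        if (n + 1 >= out_cap)
            return -1;
        out[n++] = envp[i];
    }
    out[n] = NULL;
    return dropped;
}

int main(void)
{
    /* Constructed sample environment; the MAILBOX value stands for user input. */
    char *env[] = { "USER=alice", "MAILBOX=() { :; }", "HOME=/home/alice", NULL };
    char *clean[4];
    int dropped = filter_env(env, clean, 4);
    printf("dropped %d\n", dropped);
    for (size_t i = 0; clean[i] != NULL; i++)
        printf("kept: %s\n", clean[i]);
    return 0;
}
```

The filtered array can be passed as the environment argument of `execve`; this only reduces exposure for a parent that cannot control which shell its helpers run under, and a patched bash remains the fix.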