Dawid Golunski wrote on 26/12/2016 03:31:
Patching: Responsibly disclosed to PHPMailer team. They've released a critical security release. If you are using an affected release update to the 5.2.18 security release as advised at: https://github.com/PHPMailer/PHPMailer/blob/master/changelog.md
Am I wrong or the vulnerability only applies if you use the sendmail method to send messages and does not apply if you use SMTP on port 25?
I have patched all my PHPMailer installation yesterday, I am asking this only for personal curiosity.
Thank you -- Ciao, luigi / +--[Luigi Rosa]-- \ http://127.0.0.1 Error 404: No One Home _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
