ID: 12178
Updated by: derick
Reported By: [EMAIL PROTECTED]
Old Status: Open
Status: Closed
Bug Type: Mail related
Operating System: All UNIX
PHP Version: 4.0.6
New Comment:

This was fixed a long time ago. (on 2001/07/05 08:47:37)

Previous Comments:
------------------------------------------------------------------------

[2001-07-15 13:14:46] [EMAIL PROTECTED]

ext/standard/mail.c is potentially insecure.

>extra_cmd = (*argv[4])->value.str.val;
>strcat (sendmail_cmd, extra_cmd);
>sendmail = popen(sendmail_cmd, "w");

So it is possible to use extra_cmd to gain shell access.

------------------------------------------------------------------------

Edit this bug report at http://bugs.php.net/?id=12178&edit=1
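
The pattern quoted in the report (caller-supplied text appended with strcat() and handed to popen()) can be hardened as in the following added example, which is not PHP's code and not necessarily the fix the PHP developers applied. It assumes the extra value is meant to be a single argument; sh_quote, build_cmd and run_capture are hypothetical names, and `printf %s` stands in for the sendmail binary so the result can be observed.

```c
#define _POSIX_C_SOURCE 200809L   /* popen/pclose */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Quote s as exactly one POSIX sh word: wrap it in single quotes and
 * emit every embedded ' as '\''. Caller frees; NULL on allocation failure. */
char *sh_quote(const char *s)
{
    size_t n = 3;                              /* two quotes + NUL */
    for (const char *p = s; *p; p++)
        n += (*p == '\'') ? 4 : 1;
    char *out = malloc(n), *q = out;
    if (!out) return NULL;
    *q++ = '\'';
    for (const char *p = s; *p; p++) {
        if (*p == '\'') { memcpy(q, "'\\''", 4); q += 4; }
        else            { *q++ = *p; }
    }
    *q++ = '\''; *q = '\0';
    return out;
}

/* Bounded replacement for the strcat(): writes "<prog> <quoted arg>" to dst.
 * Returns 0 on success, -1 on truncation or allocation failure. */
int build_cmd(char *dst, size_t dstlen, const char *prog, const char *arg)
{
    char *qa = sh_quote(arg);
    if (!qa) return -1;
    int n = snprintf(dst, dstlen, "%s %s", prog, qa);
    free(qa);
    return (n < 0 || (size_t)n >= dstlen) ? -1 : 0;
}

/* Run cmd via popen() and copy up to outlen-1 bytes of its output to out. */
int run_capture(const char *cmd, char *out, size_t outlen)
{
    FILE *fp = popen(cmd, "r");
    if (!fp) return -1;
    size_t got = fread(out, 1, outlen - 1, fp);
    out[got] = '\0';
    return pclose(fp) == 0 ? 0 : -1;
}

int main(void)
{
    char cmd[256], out[256];   /* constructed value with shell metacharacters */
    if (build_cmd(cmd, sizeof cmd, "printf %s", "x'; echo INJECTED; '")) return 1;
    return run_capture(cmd, out, sizeof out) ? 1 : (puts(out), 0);
}
```

Quoting keeps the shell in the path; where the program and its arguments are known up front, passing them as an argv array to fork()/execv() removes shell parsing altogether.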