CVE-2009-1579

2009-05-14T17:30:00
ID CVE-2009-1579
Type cve
Reporter cve@mitre.org
Modified 2017-09-29T01:34:00

Description

The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.18 and NaSMail before 1.7 allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program.