SAINT CorporationSAINT:60F2386DE6EC4A28B3F283172E9605E5Hastymail rs parameter command injection
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.76 High
EPSS
Percentile
98.2%
Added: 12/28/2011
CVE: CVE-2011-4542
BID: 50791
OSVDB: 77331
Background
Hastymail is a fast, secure, rfc-compliant, cross-platform IMAP/SMTP client application written in PHP providing a clean web interface for sending and reading E-mail.
Problem
Hastymail2 fails to properly sanitize user-supplied input passed to rs and rsargs[] parameters to the default URI. This can be exploited to execute arbitrary commands.
Resolution
Upgrade to Hastymail2 2.1.1-RC2 or later.
References
<https://www.dognaedis.com/vulns/DGS-SEC-3.html>
Limitations
This exploit has been tested against Hastymail2 2.1.0 on Windows XP SP3 and Hastymail2 2.1.1-RC1 on Ubuntu 10.04 Linux.
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.76 High
EPSS
Percentile
98.2%