|
Message-ID: <CADSYzsuHFEFFySPG18sgpV1i=xekNDpJe+6rDJkYmuOpY7P-LA@mail.gmail.com> Date: Thu, 29 Dec 2016 01:04:52 -0200 From: Dawid Golunski <dawid@...alhackers.com> To: oss-security@...ts.openwall.com Subject: Re: PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch) On Wed, Dec 28, 2016 at 2:58 PM, Solar Designer <solar@...nwall.com> wrote: > On Wed, Dec 28, 2016 at 03:03:39AM -0200, Dawid Golunski wrote: >> This was reported responsibly to the vendor & assigned a CVEID on the >> 26th of December. >> The vendor has been working on a new patch which would fix the problem but >> not break the RFC too badly. The patch should be published very soon. >> >> I'm releasing this as a 0day without the new patch available publicly >> as a potential bypass was publicly discussed on oss-sec with Solar >> Designer in the PHPMailer < 5.2.18 thread, so holding the advisory >> further would serve no purpose. > > Yeah. I did think for a moment before posting in here yesterday, but > for a number of reasons chose to go ahead with the public discussion. > > Alexander Hi Alexander, No worries, good that the patch came in quick so it wasn't too bad I guess. Got a bunch of critical comments but most of them are pretty funny anyway ;) E.g. https://twitter.com/dawid_golunski/status/814253540503908356 ;D Good work on sensing trouble in that bit of code too though. -- Regards, Dawid Golunski https://legalhackers.com t: @dawid_golunski
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.