CVE-2006-1251 — Code Injection in Sa-exim

CWE-94 — Code Injection CWE-416 — Use After Free6 documents5 sources

Severity

5.0MEDIUMNVD

EPSS

0.7%

top 28.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Sa-exim Debian Sa-exim

Timeline

PublishedMar 19

Latest updateMay 1

Description

Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows remote attackers to delete arbitrary files via an email with a To field that contains a filename separated by whitespace, which is not quoted when greylistclean.cron provides the argument to the rm command.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/sa-exim< sa-exim 4.2.1-1 (bookworm)

▶Debiansa-exim/sa-exim< 4.2.1-1+2

▶NVDsa-exim/sa-exim4.0, 4.1, 4.2+2

Patches

Patch: marc.merlins.org ↗Patch: www.securityfocus.com ↗Patch: marc.merlins.org ↗

🔴Vulnerability Details

GHSA

GHSA-m67m-57fm-4w9h: Argument injection vulnerability in greylistclean↗2022-05-01

▶

OSV

CVE-2006-1251: Argument injection vulnerability in greylistclean↗2006-03-19

▶

📋Vendor Advisories

Red Hat

perl-DBD-MySQL: Use after free when using prepared statements↗2016-11-18

▶

Debian

CVE-2006-1251: sa-exim - Argument injection vulnerability in greylistclean.cron in sa-exim 4.2 allows rem...↗2006

▶

Red Hat

sa-exim 4.2 vulnerability↗

▶