Executive Summary

Summary
Title libphp-phpmailer regression update
Informations
Name DSA-3750 First vendor Publication 2016-12-31
Vendor Debian Last vendor Modification 2017-01-03
Severity (Vendor) N/A Revision 2

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A functionally regression was discovered in some specific usage scenarios of PHPMailer following the security update of DSA-3750. New packages have been released which correct the problem. The original advisory text follows for referecen.

Dawid Golunski discovered that PHPMailer, a popular library to send email from PHP applications, allowed a remote attacker to execute code if they were able to provide a crafted Sender address.

Note that for this issue also CVE-2016-10045 was assigned, which is a regression in the original patch proposed for CVE-2016-10033. Because the origial patch was not applied in Debian, Debian was not vulnerable to CVE-2016-10045.

For the stable distribution (jessie), this problem has been fixed in version 5.2.9+dfsg-2+deb8u3.

For the unstable distribution (sid), this problem has been fixed in version 5.2.14+dfsg-2.2.

We recommend that you upgrade your libphp-phpmailer packages.

Original Source

Url : http://www.debian.org/security/2017/dsa-3750

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-88 Argument Injection or Modification
50 % CWE-77 Improper Sanitization of Special Elements used in a Command ('Command Injection')

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 610

SAINT Exploits

Description Link
PHPMailer PwnScriptum Remote Code Execution More info here
PHPMailer Command Injection in WordPress Core via Exim More info here

Snort® IPS/IDS

Date Description
2018-04-12 PHPMailer command injection remote code execution attempt
RuleID : 45917 - Revision : 1 - Type : SERVER-WEBAPP
2017-04-06 PHPMailer command injection remote code execution attempt
RuleID : 41813 - Revision : 3 - Type : SERVER-WEBAPP
2017-02-01 PHPMailer command injection remote code execution attempt
RuleID : 41106 - Revision : 5 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date Description
2017-05-19 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL73926196.nasl - Type : ACT_GATHER_INFO
2017-05-16 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL74977440.nasl - Type : ACT_GATHER_INFO
2017-03-20 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_f72d98d10b7e11e7970f002590263bf5.nasl - Type : ACT_GATHER_INFO
2017-01-18 Name : The remote Fedora host is missing a security update.
File : fedora_2017-c3dc97e1e1.nasl - Type : ACT_GATHER_INFO
2017-01-18 Name : A PHP application running on the remote web server is affected by multiple vu...
File : wordpress_4_7_1.nasl - Type : ACT_GATHER_INFO
2017-01-06 Name : The remote Fedora host is missing a security update.
File : fedora_2016-6941d25875.nasl - Type : ACT_GATHER_INFO
2017-01-03 Name : The remote Debian host is missing a security update.
File : debian_DLA-770.nasl - Type : ACT_GATHER_INFO
2017-01-03 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3750.nasl - Type : ACT_GATHER_INFO
2016-12-29 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_3c4693deccf711e6a9a5b499baebfeaf.nasl - Type : ACT_GATHER_INFO
2016-12-27 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_c7656d4ccb6011e6a9a5b499baebfeaf.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
Date Informations
2017-01-23 21:26:18
  • Multiple Updates
2017-01-04 13:23:10
  • Multiple Updates
2017-01-03 21:26:02
  • Multiple Updates
2017-01-03 21:23:40
  • Multiple Updates
2016-12-31 13:23:18
  • First insertion