Red Hat Bugzilla – Bug 260581
CVE-2007-4560 ClamAV missing escaping of popen() arguments
Last modified: 2007-11-30 17:12:14 EST
Reference: BUGTRAQ:20070824 n.runs-SA-2007.025 - ClamAV Remote Code Execution
clamav-milter in ClamAV before 0.91.2, when run in black hole mode,
allows remote attackers to execute arbitrary commands via shell
metacharacters that are used in a certain popen call, involving the
"recipient field of sendmail."
Ping on this issue. Was this solved in
https://admin.fedoraproject.org/updates/F7/clamav-0.91.2-2.fc7 this update?
The changelog says:
* Sat Aug 25 2007 Enrico Scholz <email@example.com> - 0.91.2-2
- fixed an open(2) issue
* Sat Aug 25 2007 Enrico Scholz <firstname.lastname@example.org> - 0.91.2-1
- arbitrary command execution by special crafted recipients in
clamav-milter's black-hole mode
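
The bug class in the CVE description above (a recipient string placed into a command line that popen() hands to /bin/sh) next to a shell-free alternative, as an added example that is not part of this bug report and is not ClamAV's code. The function name `run_with_recipient`, the use of printf(1) as a stand-in helper, and the sample recipient are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Vulnerable pattern, for contrast (illustrative, not ClamAV's code):
 *   snprintf(cmd, sizeof cmd, "helper %s", rcpt);
 *   fp = popen(cmd, "r");   // /bin/sh parses rcpt, so ; | $() act as syntax
 */

/* Hardened form: rcpt travels as a single argv element and no shell runs.
 * printf(1) is a stand-in helper (assumption) that echoes its argument.
 * Returns the helper's exit status, or -1 on error. */
int run_with_recipient(const char *rcpt, char *out, size_t outlen)
{
    int fds[2];
    if (outlen == 0 || pipe(fds) < 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0) { close(fds[0]); close(fds[1]); return -1; }
    if (pid == 0) {                       /* child: stdout -> pipe, then exec */
        char *const argv[] = { "printf", "%s", (char *)rcpt, NULL };
        close(fds[0]);
        dup2(fds[1], STDOUT_FILENO);
        close(fds[1]);
        execvp(argv[0], argv);
        _exit(127);                       /* exec failed */
    }
    close(fds[1]);
    size_t used = 0;
    ssize_t n;
    while (used < outlen - 1 &&
           (n = read(fds[0], out + used, outlen - 1 - used)) > 0)
        used += (size_t)n;
    out[used] = '\0';
    close(fds[0]);
    int status;
    if (waitpid(pid, &status, 0) < 0)
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

int main(void)
{
    char buf[128];
    const char *rcpt = "a@example.org; echo INJECTED";  /* constructed sample */
    int rc = run_with_recipient(rcpt, buf, sizeof buf);
    printf("rc=%d helper saw: [%s]\n", rc, buf);
    return rc;
}
```

The helper receives the whole recipient, metacharacters included, as inert data. A real helper that parses options would still need an end-of-options marker or a check for a leading `-`.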