[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypas
From:       Dawid Golunski <dawid () legalhackers ! com>
Date:       2016-12-29 3:04:52
Message-ID: CADSYzsuHFEFFySPG18sgpV1i=xekNDpJe+6rDJkYmuOpY7P-LA () mail ! gmail ! com
[Download RAW message or body]

On Wed, Dec 28, 2016 at 2:58 PM, Solar Designer <solar@openwall.com> wrote:
> On Wed, Dec 28, 2016 at 03:03:39AM -0200, Dawid Golunski wrote:
>> This was reported responsibly to the vendor & assigned a CVEID on the
>> 26th of December.
>> The vendor has been working on a new patch which would fix the problem but
>> not break the RFC too badly. The patch should be published very soon.
>>
>> I'm releasing this as a 0day without the new patch available publicly
>> as a potential bypass was publicly discussed on oss-sec with Solar
>> Designer in the PHPMailer < 5.2.18 thread, so holding the advisory
>> further would serve no purpose.
>
> Yeah.  I did think for a moment before posting in here yesterday, but
> for a number of reasons chose to go ahead with the public discussion.
>
> Alexander

Hi Alexander,

No worries,  good that the patch came in quick so it wasn't too bad I guess.
Got a bunch of critical comments but most of them are pretty funny
anyway ;) E.g.

https://twitter.com/dawid_golunski/status/814253540503908356

;D

Good work on sensing trouble in that bit of code too though.


-- 
Regards,
Dawid Golunski
https://legalhackers.com
t: @dawid_golunski
[prev in list] [next in list] [prev in thread] [next in thread]