PHPMailer Vulnerability

Peekay · Post by **Peekay** » Mon 18. Jun 2007, 00:21

Does this affect PHPWCMS?

http://sourceforge.net/tracker/index.ph ... tid=385707

Peekay · Post by **Peekay** » Tue 19. Jun 2007, 01:48

If the above advisory is relevent, you should open:

include/inc_ext/phpmailer/class.phpmailer.php

and replace:

function SendmailSend($header, $body) {
        if ($this->Sender != "")
        $sendmail = sprintf("%s -oi -f %s -t", $this->Sendmail, $this->Sender);
        else
        $sendmail = sprintf("%s -oi -t", $this->Sendmail);

with:

Code: Select all

function SendmailSend($header, $body) {
         if ($this->Sender != "") {
         $sendmail = sprintf("%s -oi -f %s -t", escapeshellcmd($this->Sendmail), escapeshellarg($this->Sender));
         } else {
         $sendmail = sprintf("%s -oi -t", escapeshellcmd($this->Sendmail));
         }

1996 328ti · Post by **1996 328ti** » Fri 7. Sep 2007, 17:25

Just an FYI.
Two of my sites on different servers have been spewing out emails.
My host believes it was because of phpmailer.
I have deleted it entirely since I don't use it.
Hopefully it won't cause any problems.

Post by **update** » Fri 7. Sep 2007, 17:37

This is fixed in trunk 20-08-2007 (don't know about previous versions)
claus